This is an automated email from the ASF dual-hosted git repository. rombert pushed a commit to annotated tag org.apache.sling.auth.form-1.0.0 in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-auth-form.git
commit 99b10530e36e5c5c2dc52fd5cd6b468c4edfc06e Author: Ian Boston <[email protected]> AuthorDate: Wed Jul 28 15:32:37 2010 +0000 SLING-1588 Fixed, cookie needs to be removed when found to be invalid. git-svn-id: https://svn.apache.org/repos/asf/sling/trunk/bundles/extensions/formauth@980097 13f79535-47bb-0310-9956-ffa450edef68 --- .../java/org/apache/sling/formauth/impl/FormAuthenticationHandler.java | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/main/java/org/apache/sling/formauth/impl/FormAuthenticationHandler.java b/src/main/java/org/apache/sling/formauth/impl/FormAuthenticationHandler.java index f92768d..638c04b 100644 --- a/src/main/java/org/apache/sling/formauth/impl/FormAuthenticationHandler.java +++ b/src/main/java/org/apache/sling/formauth/impl/FormAuthenticationHandler.java @@ -308,6 +308,9 @@ public class FormAuthenticationHandler extends AbstractAuthenticationHandler { // signal the requestCredentials method a previous login failure request.setAttribute(PAR_J_REASON, FormReason.TIMEOUT); info = AuthenticationInfo.FAIL_AUTH; + // clear the cookie, its invalid and we should get rid of it so that the invalid cookie + // isn't present on the authN operation. + authStorage.clear(request, response); } } } -- To stop receiving notification emails like this one, please contact "[email protected]" <[email protected]>.
