[magnolia-dev] [JIRA] Updated: (MGNLSTK-959) Protected Page does not redirect to the login page

Wed, 20 Jun 2012 01:27:44 -0700 

     [ 
http://jira.magnolia-cms.com/browse/MGNLSTK-959?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Milan Divilek updated MGNLSTK-959:
----------------------------------

        Summary: Protected Page does not redirect to the login page  (was: 
protected page in Demo project is not protected due to incorrect setting of 
ACLs of Anonymous user)
    Description: Anonymous role has deny access to 
/demo-project/members-area/protected* , this rule should be used in 
{{info.magnolia.cms.security.URISecurityFilter.isAuthorized(HttpServletRequest)}},
 but this doesn't happen due to this rule pattern doesn't match with current 
uri. {{info.magnolia.cms.core.AggregationState.getCurrentURI()}} has value 
"/members-area/protected" because 
{{info.magnolia.module.extendedtemplatingkit.filters.MultiSiteFilter}} removes 
site definition name from uri.  (was: The anonymous role has no deny on the 
protect page on a public:
http://demopublic.magnolia-cms.com/demo-project/members-area/protected.html

The login screen does not appear.)

> Protected Page does not redirect to the login page
> --------------------------------------------------
>
>                 Key: MGNLSTK-959
>                 URL: http://jira.magnolia-cms.com/browse/MGNLSTK-959
>             Project: Magnolia Standard Templating Kit
>          Issue Type: Bug
>          Components: demoproject
>    Affects Versions: 2.0.1
>            Reporter: Christian Ringele
>            Assignee: Milan Divilek
>            Priority: Critical
>             Fix For: 2.0.4
>
>
> Anonymous role has deny access to /demo-project/members-area/protected* , 
> this rule should be used in 
> {{info.magnolia.cms.security.URISecurityFilter.isAuthorized(HttpServletRequest)}},
>  but this doesn't happen due to this rule pattern doesn't match with current 
> uri. {{info.magnolia.cms.core.AggregationState.getCurrentURI()}} has value 
> "/members-area/protected" because 
> {{info.magnolia.module.extendedtemplatingkit.filters.MultiSiteFilter}} 
> removes site definition name from uri.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://jira.magnolia-cms.com/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        


----------------------------------------------------------------
For list details, see: http://www.magnolia-cms.com/community/mailing-lists.html
Alternatively, use our forums: http://forum.magnolia-cms.com/
To unsubscribe, E-mail to: <[email protected]>
----------------------------------------------------------------

Reply via email to