[
https://issues.apache.org/jira/browse/SHIRO-406?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Les Hazlewood resolved SHIRO-406.
---------------------------------
Resolution: Not A Problem
Resolving due to configuration issue. Alex - if there was something we could
have done to make this more clear (e.g. update the docs somehow), please let us
know.
> Redirected to the wrong url after successful login
> --------------------------------------------------
>
> Key: SHIRO-406
> URL: https://issues.apache.org/jira/browse/SHIRO-406
> Project: Shiro
> Issue Type: Bug
> Affects Versions: 1.2.1
> Environment: jboss 7, hibernate 4, jsf2, primfaces
> Reporter: Alex Edwards
> Priority: Minor
>
> Navigate to a secure page that requires the user to be logged in, the user is
> redirected to the login page, after successful login the user is redirected
> to a primfaces js page.
> Cause
> This occurs when the login page is contained within a secured url, if the
> login page contains any external links e.g. js,css one of these will end up
> being the saved request.
> I think this is the wrong behaviour, if the login page is treated as a
> special case (as it seems to be) then the request that caused it to be
> invoked should remain as the saved request, subsequent requests for secure
> content by the login page should not be saved or provided.
> As this is essentially user mis-configuration it could be prevented by not
> having the login page as a special case, if it is located at a secure url
> nothing will happen.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
