[
https://issues.apache.org/jira/browse/SLING-1588?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ian Boston resolved SLING-1588.
-------------------------------
Resolution: Fixed
I think this is now fixed,
>From the curl sequence the cookie is removed before the redirect and then the
>form displays no infinite loop.
> form auth can create an endless redirect loop
> ---------------------------------------------
>
> Key: SLING-1588
> URL: https://issues.apache.org/jira/browse/SLING-1588
> Project: Sling
> Issue Type: Bug
> Components: Extensions
> Reporter: Justin Edelson
> Priority: Critical
> Fix For: Extensions Form Based Authentication 1.0.0
>
>
> Steps to reproduce (I'm sure there's more than one way to reproduce this):
> * Take trunk launchpad and add formauth bundle
> * Set service.ranking of FormAuthenticationHandler to > 0
> Then...
> curl -v -b sling.formauth=garbage http://localhost:8888/index.html
> redirects to
> http://localhost:8888/system/sling/form/login?resource=%2Findex.html&j_reason=TIMEOUT
> so try this url:
> curl -v -b sling.formauth=garbage
> http://localhost:8888/system/sling/form/login?resource=%2Findex.html\&j_reason=TIMEOUT
> which redirects to:
> http://localhost:8888/system/sling/form/login?resource=%2Fsystem%2Fsling%2Fform%2Flogin&j_reason=TIMEOUT
> requesting that url with a garbage cookie redirects again and again and
> again...
> workaround is to enable the "Include Form" option.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
