[
https://issues.apache.org/jira/browse/SLING-1855?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Felix Meschberger updated SLING-1855:
-------------------------------------
Fix Version/s: (was: Extensions OpenID Authentication 0.9.0)
Auth Core 1.0.4
Event though this problem manifests itself in OpenID 0.9.0 the fix will come
with the Auth Core 1.0.4 release.
> Form action for form of OpenID authenticationhandler is "j_security_check".
> Posting form hits "POST" servlet instead of authenticationHandler
> ---------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: SLING-1855
> URL: https://issues.apache.org/jira/browse/SLING-1855
> Project: Sling
> Issue Type: Bug
> Components: Authentication
> Affects Versions: Extensions OpenID Authentication 0.9.0
> Environment: all
> Reporter: Jos Snellings
> Fix For: Auth Core 1.0.4
>
>
> Problem, just observed:
> - activated OpenID authentication handler on content tree "noanonymous"
> => when accessing a resource, sling correctly displays the OpenID
> login form
> however, the login form contains a form action:
> <form id="loginform" method="POST" action="/j_security_check"
> enctype="multipart/form-data" accept-charset="UTF-8">
> When posting this form back, sling says:
> Error while processing /j_security_check
> Status 500
> Message javax.jcr.AccessDeniedException:
> /j_security_check/openid_identifier.
> ------------------------------------------------------
> Preliminary diagnosis by F. Meschberger:
> => bug in the login form generation. It should probably
> really include the path of the authentication handler registration
> which triggered the login form being rendered.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
