[
https://issues.apache.org/jira/browse/SLING-10588?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Dan Klco closed SLING-10588.
----------------------------
> Almost all pages are 401 unauthorized
> -------------------------------------
>
> Key: SLING-10588
> URL: https://issues.apache.org/jira/browse/SLING-10588
> Project: Sling
> Issue Type: Bug
> Components: App CMS
> Affects Versions: App CMS 1.0.2
> Reporter: James Raynor
> Assignee: Dan Klco
> Priority: Major
> Fix For: App CMS 1.0.4
>
>
> Hi I am a SlingCMS developer and user.
> After testing, I found that it is a problem with Apache Sling CMS Security
> Filter, the default "Host Domains" parameter is wrong, the config cannot be
> saved, and it is lost after restart.
> Steps to reproduce:
> 1. Start SlingCMS, using an anonymous user to access the page
> [http://localhost:8080/test/xxx], it shows 401 unauthorized
> 2. Goto [http://localhost:8080/system/console/configMgr]
> find "Apache Sling CMS Security Filter"
> The "Host Domains" is blank, but after testing, there should be a
> "localhost" string, clear the "Host Domains" and click save.
> 3. Using an anonymous user to access the page
> [http://localhost:8080/test/xxx] shows 404 Not Found
> It's OK now. However, after restarting SlingCMS, the problem is still the
> same, so you need to clear the Host Domains again and save it.
> Apache Sling CMS Security Filter -> Allowed Patterns, add one, for example
> ^/test/. *$, save, and after restarting, the Apache Sling CMS Security Filter
> configuration is lost.
> This problem causes most pages to be inaccessible, and the Servlets I
> developed is also inaccessible, so please fix it promptly Thanks.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
