[ https://issues.apache.org/jira/browse/SLING-5629?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15324173#comment-15324173 ]
ASF GitHub Bot commented on SLING-5629: --------------------------------------- Github user glucazeau closed the pull request at: https://github.com/apache/sling/pull/132 > redirectAfterLogout prepends servlet context to the target, when it's already > there > ----------------------------------------------------------------------------------- > > Key: SLING-5629 > URL: https://issues.apache.org/jira/browse/SLING-5629 > Project: Sling > Issue Type: Bug > Components: Authentication > Affects Versions: Auth Core 1.3.12 > Reporter: Guillaume Lucazeau > Assignee: Carsten Ziegeler > Fix For: Auth Core 1.3.14 > > > In SlingAuthenticator.redirectAfterLogout, a call is made to > AuthUtil.isRedirectValid(request, target) which expects the target to contain > the servlet context path. > When the validation is made, the call for redirection appends the servlet > context to the same target, leading to a duplicated context: > Line 1417: response.sendRedirect(request.getContextPath() + target); > Calling > http://localhost:8080/dev/system/sling/logout?resource=/dev/content/node1.html > redirects to http://localhost:8080/dev/dev/content/node1.html -- This message was sent by Atlassian JIRA (v6.3.4#6332)