[
https://issues.apache.org/jira/browse/SLING-1847?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Robert Munteanu closed SLING-1847.
----------------------------------
> Redirect after logout does not work with form authentication
> ------------------------------------------------------------
>
> Key: SLING-1847
> URL: https://issues.apache.org/jira/browse/SLING-1847
> Project: Sling
> Issue Type: Bug
> Components: Authentication
> Affects Versions: Form Based Authentication 1.0.0, Auth Core 1.0.2
> Reporter: Eric Norman
> Assignee: Eric Norman
> Fix For: Form Based Authentication 1.0.4
>
>
> The redirectAfterLogout method of
> org.apache.sling.auth.core.impl.SlingAuthenticator is looking for a request
> attribute or parameter named "resource" to decide where to redirect after
> logout.
> But, if there is a request parameter named "resource" on the request, the
> request never makes it to the LogoutServlet because the
> authenticationSucceeded method of the FormAuthenticationHandler is also
> looking for a request parameter with the same name and immediately
> redirecting to the specified resource which terminates the rest of the
> request processing. The user is never logged out before redirecting to the
> resource.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
