[jira] [Updated] (SLING-8320) Web console login does not work with Session Attribute Hash Storage

Wed, 20 Mar 2019 02:43:25 -0700 


     [ 
https://issues.apache.org/jira/browse/SLING-8320?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Robert Munteanu updated SLING-8320:
-----------------------------------
    Summary: Web console login does not work with Session Attribute Hash 
Storage  (was: Session Attribute Hash Storage does not work in Form Based 
Authentication Handler)

> Web console login does not work with Session Attribute Hash Storage
> -------------------------------------------------------------------
>
>                 Key: SLING-8320
>                 URL: https://issues.apache.org/jira/browse/SLING-8320
>             Project: Sling
>          Issue Type: Bug
>          Components: Authentication
>    Affects Versions: Starter 11, Form Based Authentication 1.0.12
>         Environment: Windows 10 Pro 64bit
> Java 1.8.0_92
> Chrome 72.0.3626.121, Firefox 65.0.2
>            Reporter: Radosław Wesołowski
>            Priority: Major
>         Attachments: Session Attribute in Form Authentication.avi
>
>
> {color:#f79232}*Session Attribute*{color} {color:#14892c}[Hash 
> Storage|https://github.com/apache/sling-org-apache-sling-auth-form/blob/master/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandlerConfig.java#L48]{color}
>  does not work in [Form Based Authentication 
> Handler|https://github.com/apache/sling-org-apache-sling-auth-form/blob/master/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java#L864].
>  Using this configuration option breaks the possibility to log into a Sling 
> instance properly.
> The attached video shows the issue steps:
>  # Login to a Sling instance (at e.g. [localhost:8080|http://localhost:8080/])
>  # Open [Apache Sling Form Based Authentication Handler 
> configuration|http://localhost:8080/system/console/configMgr/org.apache.sling.auth.form.FormAuthenticationHandler]
>  # Set *{color:#14892c}[Hash 
> Storage|https://github.com/apache/sling-org-apache-sling-auth-form/blob/master/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandlerConfig.java#L48]{color}*
>  option to {color:#f79232}*Session Attribute*{color}
>  # Refresh [/system/console|http://localhost:8080/system/console]
> As the result one can no longer properly login.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to