[
https://issues.apache.org/jira/browse/ARTEMIS-2979?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17230081#comment-17230081
]
Justin Bertram commented on ARTEMIS-2979:
-----------------------------------------
As the name suggests, the class {{io.hawt.web.auth.LoginRedirectFilter}} is
part of the [Hawtio
code-base|https://github.com/hawtio/hawtio/blob/master/hawtio-system/src/main/java/io/hawt/web/auth/LoginRedirectFilter.java].
It's not part of ActiveMQ. I recommend you [report the issue to
Hawtio|https://github.com/hawtio/hawtio/issues].
> Web Console cannot be used with security enabled on OpenLiberty
> ---------------------------------------------------------------
>
> Key: ARTEMIS-2979
> URL: https://issues.apache.org/jira/browse/ARTEMIS-2979
> Project: ActiveMQ Artemis
> Issue Type: Bug
> Components: Web Console
> Affects Versions: 2.16.0
> Reporter: Apache Dev
> Priority: Blocker
>
> Accessing the web console when unauthenticated, redirects to Login page.
> However, resources accessed by login page itself are also redirected to
> login page, resulting in an blank page.
> Issue depends on Hawtio class: {{io.hawt.web.auth.LoginRedirectFilter}}
> When the resource {{[http://localhost:8161/console/js/lib-a2ca3f5f1e.js]}} is
> retrieved, the following statement in {{LoginRedirectFilter#doFilter}}
> returns an empty string:
> {code:java}
> String path = httpRequest.getServletPath();{code}
> Such empty string does not match the unsecured paths, and the request is
> redirected to login page.
> Same behaviour with other ".js" and ".css" resources.
> A more portable way to get such path in filters is the following:
> {code:java}
> String path =
> httpRequest.getRequestURI().substring(httpRequest.getContextPath().length());{code}
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
