[
https://issues.apache.org/jira/browse/JSPWIKI-206?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12588287#action_12588287
]
Janne Jalkanen commented on JSPWIKI-206:
----------------------------------------
My understanding is that the complaint is about the user experience - not the
security itself. So I would lean towards option 2.
> Search.jsp doesn't seem to be aware of authenticated environment
> ----------------------------------------------------------------
>
> Key: JSPWIKI-206
> URL: https://issues.apache.org/jira/browse/JSPWIKI-206
> Project: JSPWiki
> Issue Type: Bug
> Components: Authentication&Authorization
> Affects Versions: 2.6.0
> Environment: rhel5, tomcat 5.5,jspwiki 2.6.0
> Reporter: Geoff O'Callaghan
> Assignee: Andrew Jaquith
> Priority: Minor
> Fix For: 2.8
>
>
> Scenario: A private wiki which requires authentication to view any page.
> When authenticated using container based authentication searching works fine,
> however, should the session timeout it is still possible to 'use' the Search
> facility. Note: Searches don't return any results, but the search results
> page gives the impression that the search is 'working' just not returning any
> results. A clearly disconcerting time for wiki users.
> It seems that the search page is unaware that it should be redirecting the
> user to the 'login' page as the session has expired.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
