Authentication during a post/save draft operation after the session has
timed out no longer works in the trunk. One gets the login page, but
after re-authenticating, one gets a Permission Denied error page. I
verified on my site this didn't happen in 2.0.
Matt (Raible), perhaps you could make/suggest a quick adjustment to the
Acegi config to correct this? Otherwise I'll file a bug and start
looking at what's going on.
One can reproduce this by dropping cookies in Firefox after logging in
and getting to the edit entry page and before submitting, or by changing
the session timeout parameter in the web.xml to a ridiculously small
value and just waiting a bit; it's in minutes; I used 2 in my test.
--a.
- authentication/timeout bug in the trunk sources Anil Gangolli
-
