[SLING-5629] redirectAfterLogout prepends servlet context to the target, when it's already there - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: Auth Core 1.3.12
Fix Version/s: Auth Core 1.3.14
Component/s: Authentication
Labels:
None

Description

In SlingAuthenticator.redirectAfterLogout, a call is made to AuthUtil.isRedirectValid(request, target) which expects the target to contain the servlet context path.

When the validation is made, the call for redirection appends the servlet context to the same target, leading to a duplicated context:
Line 1417: response.sendRedirect(request.getContextPath() + target);

Calling http://localhost:8080/dev/system/sling/logout?resource=/dev/content/node1.html redirects to http://localhost:8080/dev/dev/content/node1.html

Attachments

Issue Links

links to

GitHub Pull Request #132

Activity

People

Assignee:: Carsten Ziegeler

Reporter:: Guillaume Lucazeau

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 24/Mar/16 15:12

Updated:: 10/Jun/16 10:12

Resolved:: 28/Mar/16 13:24