Menu
▾
▴
#1326 (3.0.7) Form based auth jetty issue
On the Jboss-user list, Phil said:
"Found an issue with FORM based authorisation when
using the bundled jetty. Basically I have a 'standard'
setup of form based auth, which works fine.. you visit
a secure page, it redirects you to the login form, you
login, and it takes you back to the origional page.
The problem is, is if you enter an invalid
username/password, it forgets the URL of the page
origionally requested, so when you retry with a correct
username/password it redirects
you to "/".
I have tried the same app with the Tomcat version of
3.0.7 and all works as expected, so I guess it is a
jetty issue?"
I am also having the same issue...
JBoss 3.0.7 on Linux & Solaris.
Logged In: YES
user_id=44062
Fixed in Jetty CVS.... will be migrated to JBoss soon.
Logged In: YES
user_id=505480
The problem also exists in JBoss 3.2.1.
Any ideas when this fix will be migrated?
Logged In: YES
user_id=44062
This is fixed in the latest versions of Jetty and I believe it
has already been migrated to jboss 3.2 and 4.0.
We have not planned on an update of the 3.0 series..
However, you should be able to get the jar file from
Jetty 4.2.10pre1 (4.2.10 out in the next few days)
and try dropping it into the jbossweb.sar.
If that does not work, you should be able to just move over
the org.mortbay.http.FormAuthenticator class to fix the
problem.
Finally if that fails, you can build 3.0.7 from source and
drop the source of FormAuthenticator into it.
Logged In: YES
user_id=505480
Ok, after including the separate
http://prdownloads.sourceforge.net/jboss/jbossweb-jetty.sar?
download it works correctly!