[JBoss JIRA] Created: (JBSEAM-4604) Tokenbase remember me: redirected to login, if login required (tryLogin not invoked)
1:46 a.m.
Tokenbase remember me: redirected to login, if login required (tryLogin not invoked)
------------------------------------------------------------------------------------
Key: JBSEAM-4604
URL: https://jira.jboss.org/jira/browse/JBSEAM-4604
Project: Seam
Issue Type: Bug
Components: Core, Security
Affects Versions: 2.2.0.GA
Reporter: Dieter Rehbein
If your application uses the token based remember me feature and open a page, which
requires login, a redirect to the login page is performed, even if the user could be
logged in silently.
To fix this, the method isLoginRedirectRequired(String viewId, Page page) has to be
changed
from
private boolean isLoginRedirectRequired(String viewId, Page page)
{
return page.isLoginRequired() &&
!viewId.equals( getLoginViewId() ) &&
!Identity.instance().isLoggedIn();
}
to:
private boolean isLoginRedirectRequired(String viewId, Page page)
{
if (page.isLoginRequired() && !viewId.equals(getLoginViewId()))
{
return !Identity.instance().tryLogin();
}
else
{
return false;
}
}
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
1:48 a.m.
New subject: [JBoss JIRA] Updated: (JBSEAM-4604) Tokenbase remember me: redirected to login, if login required (tryLogin not invoked)
[
https://jira.jboss.org/jira/browse/JBSEAM-4604?page=com.atlassian.jira.pl...
]
Dieter Rehbein updated JBSEAM-4604:
-----------------------------------
Workaround Description: subclass Pages (with the fixed method) and install it with a
higher precedence (APPLICATION)
Tokenbase remember me: redirected to login, if login required
(tryLogin not invoked)
------------------------------------------------------------------------------------
Key: JBSEAM-4604
URL: https://jira.jboss.org/jira/browse/JBSEAM-4604
Project: Seam
Issue Type: Bug
Components: Core, Security
Affects Versions: 2.2.0.GA
Reporter: Dieter Rehbein
If your application uses the token based remember me feature and open a page, which
requires login, a redirect to the login page is performed, even if the user could be
logged in silently.
To fix this, the method isLoginRedirectRequired(String viewId, Page page) in class
org.jboss.seam.navigation.Pages has to be changed
from
private boolean isLoginRedirectRequired(String viewId, Page page)
{
return page.isLoginRequired() &&
!viewId.equals( getLoginViewId() ) &&
!Identity.instance().isLoggedIn();
}
to:
private boolean isLoginRedirectRequired(String viewId, Page page)
{
if (page.isLoginRequired() && !viewId.equals(getLoginViewId()))
{
return !Identity.instance().tryLogin();
}
else
{
return false;
}
}
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
1:48 a.m.
New subject: [JBoss JIRA] Updated: (JBSEAM-4604) Tokenbase remember me: redirected to login, if login required (tryLogin not invoked)
[
https://jira.jboss.org/jira/browse/JBSEAM-4604?page=com.atlassian.jira.pl...
]
Dieter Rehbein updated JBSEAM-4604:
-----------------------------------
Description:
If your application uses the token based remember me feature and open a page, which
requires login, a redirect to the login page is performed, even if the user could be
logged in silently.
To fix this, the method isLoginRedirectRequired(String viewId, Page page) in class
org.jboss.seam.navigation.Pages has to be changed
from
private boolean isLoginRedirectRequired(String viewId, Page page)
{
return page.isLoginRequired() &&
!viewId.equals( getLoginViewId() ) &&
!Identity.instance().isLoggedIn();
}
to:
private boolean isLoginRedirectRequired(String viewId, Page page)
{
if (page.isLoginRequired() && !viewId.equals(getLoginViewId()))
{
return !Identity.instance().tryLogin();
}
else
{
return false;
}
}
was:
If your application uses the token based remember me feature and open a page, which
requires login, a redirect to the login page is performed, even if the user could be
logged in silently.
To fix this, the method isLoginRedirectRequired(String viewId, Page page) has to be
changed
from
private boolean isLoginRedirectRequired(String viewId, Page page)
{
return page.isLoginRequired() &&
!viewId.equals( getLoginViewId() ) &&
!Identity.instance().isLoggedIn();
}
to:
private boolean isLoginRedirectRequired(String viewId, Page page)
{
if (page.isLoginRequired() && !viewId.equals(getLoginViewId()))
{
return !Identity.instance().tryLogin();
}
else
{
return false;
}
}
Tokenbase remember me: redirected to login, if login required
(tryLogin not invoked)
------------------------------------------------------------------------------------
Key: JBSEAM-4604
URL: https://jira.jboss.org/jira/browse/JBSEAM-4604
Project: Seam
Issue Type: Bug
Components: Core, Security
Affects Versions: 2.2.0.GA
Reporter: Dieter Rehbein
If your application uses the token based remember me feature and open a page, which
requires login, a redirect to the login page is performed, even if the user could be
logged in silently.
To fix this, the method isLoginRedirectRequired(String viewId, Page page) in class
org.jboss.seam.navigation.Pages has to be changed
from
private boolean isLoginRedirectRequired(String viewId, Page page)
{
return page.isLoginRequired() &&
!viewId.equals( getLoginViewId() ) &&
!Identity.instance().isLoggedIn();
}
to:
private boolean isLoginRedirectRequired(String viewId, Page page)
{
if (page.isLoginRequired() && !viewId.equals(getLoginViewId()))
{
return !Identity.instance().tryLogin();
}
else
{
return false;
}
}
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
3:24 a.m.
New subject: [JBoss JIRA] Assigned: (JBSEAM-4604) Tokenbase remember me: redirected to login, if login required (tryLogin not invoked)
[
https://jira.jboss.org/jira/browse/JBSEAM-4604?page=com.atlassian.jira.pl...
]
Shane Bryzak reassigned JBSEAM-4604:
------------------------------------
Assignee: Shane Bryzak
Tokenbase remember me: redirected to login, if login required
(tryLogin not invoked)
------------------------------------------------------------------------------------
Key: JBSEAM-4604
URL: https://jira.jboss.org/jira/browse/JBSEAM-4604
Project: Seam
Issue Type: Bug
Components: Core, Security
Affects Versions: 2.2.0.GA
Reporter: Dieter Rehbein
Assignee: Shane Bryzak
If your application uses the token based remember me feature and open a page, which
requires login, a redirect to the login page is performed, even if the user could be
logged in silently.
To fix this, the method isLoginRedirectRequired(String viewId, Page page) in class
org.jboss.seam.navigation.Pages has to be changed
from
private boolean isLoginRedirectRequired(String viewId, Page page)
{
return page.isLoginRequired() &&
!viewId.equals( getLoginViewId() ) &&
!Identity.instance().isLoggedIn();
}
to:
private boolean isLoginRedirectRequired(String viewId, Page page)
{
if (page.isLoginRequired() && !viewId.equals(getLoginViewId()))
{
return !Identity.instance().tryLogin();
}
else
{
return false;
}
}
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
5164
days inactive
5189
days old
3 comments
2 participants
participants (2)
-
Dieter Rehbein (JIRA) -
Shane Bryzak (JIRA)