]
Norman Richards updated JBSEAM-3045:
------------------------------------
Comment: was deleted
urlrewritefilter breaks basic authentication
--------------------------------------------
Key: JBSEAM-3045
URL:
https://jira.jboss.org/jira/browse/JBSEAM-3045
Project: Seam
Issue Type: Bug
Affects Versions: 2.0.1.GA
Reporter: Stephane Epardaud
Assignee: Norman Richards
Fix For: 2.1.0.BETA1
In web.xml, if I configure the urlwritefilter before the seamfilter, any basic
authentication defined in components.xml with
<web:authentication-filter url-pattern="/feed/*" auth-type="basic"
realm="MyRealm" precedence="0"/>
will be ignored.
That is, pages in the /feed/* url space will not ask for authentication, and any security
restrictions requiring those pages to be accessed as logged in users will throw
exceptions.
If the urlrewritefilter is defined within the seamfilter, then all works well, except
that I'm not sure outboud rewrite rules will work correctly.
I haven't found any documentation relating the order in which these filters must be
declared in the Seam documentation.
If this is not a bug, perhaps it would be nice to document it?
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: