[jboss-jira] [JBoss JIRA] (WFLY-11131) @LoginToContinue.errorPage doesn't work for pages in WEB-INF (New Java EE 8 Security)
Darran Lofthouse (Jira)
issues at jboss.org
Tue Dec 18 07:44:00 EST 2018
[ https://issues.jboss.org/browse/WFLY-11131?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13675759#comment-13675759 ]
Darran Lofthouse commented on WFLY-11131:
-----------------------------------------
Can you please try again with WildFly 15 backed by WildFly Elytron - if this issue is still present there I will take a look.
> @LoginToContinue.errorPage doesn't work for pages in WEB-INF (New Java EE 8 Security)
> -------------------------------------------------------------------------------------
>
> Key: WFLY-11131
> URL: https://issues.jboss.org/browse/WFLY-11131
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Affects Versions: 14.0.1.Final
> Reporter: Instantiation Exception
> Assignee: Darran Lofthouse
> Priority: Major
>
> I have this configuration:
> {code:java}
> @FormAuthenticationMechanismDefinition(
> loginToContinue = @LoginToContinue(
> loginPage = "/WEB-INF/account/login.xhtml",
> errorPage = "/WEB-INF/account/login.xhtml?error=true"))
> @ApplicationScoped
> public class SecurityConfiguration {}
> {code}
> When I open browser and go to restricted page, I am forwarded to login page. Then I input invalid username and password and submit form (action="j_security_check"). My browser sends me redirect to http://localhost:8080/WEB-INF/account/login.xhtml?error=true. I believe it should forward request to /WEB-INF/account/login.xhtml?error=true because standard FORM login-config in web.xml worked this way.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
More information about the jboss-jira
mailing list