[jboss-jira] [JBoss JIRA] (WFLY-11131) @LoginToContinue.errorPage doesn't work for pages in WEB-INF (New Java EE 8 Security)
Darran Lofthouse (Jira)
issues at jboss.org
Tue Mar 5 09:12:03 EST 2019
[ https://issues.jboss.org/browse/WFLY-11131?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse reassigned WFLY-11131:
---------------------------------------
Assignee: (was: Darran Lofthouse)
> @LoginToContinue.errorPage doesn't work for pages in WEB-INF (New Java EE 8 Security)
> -------------------------------------------------------------------------------------
>
> Key: WFLY-11131
> URL: https://issues.jboss.org/browse/WFLY-11131
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Affects Versions: 14.0.1.Final
> Reporter: Instantiation Exception
> Priority: Major
>
> I have this configuration:
> {code:java}
> @FormAuthenticationMechanismDefinition(
> loginToContinue = @LoginToContinue(
> loginPage = "/WEB-INF/account/login.xhtml",
> errorPage = "/WEB-INF/account/login.xhtml?error=true"))
> @ApplicationScoped
> public class SecurityConfiguration {}
> {code}
> When I open browser and go to restricted page, I am forwarded to login page. Then I input invalid username and password and submit form (action="j_security_check"). My browser sends me redirect to http://localhost:8080/WEB-INF/account/login.xhtml?error=true. I believe it should forward request to /WEB-INF/account/login.xhtml?error=true because standard FORM login-config in web.xml worked this way.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
More information about the jboss-jira
mailing list