[jboss-jira] [JBoss JIRA] (WFLY-13379) Redirect after "j_security_check" login does not work if URL has no trailing slash

Issa Gueye (Jira) issues at jboss.org
Tue Apr 21 10:30:13 EDT 2020 

    [ https://issues.redhat.com/browse/WFLY-13379?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14049127#comment-14049127 ] 

Issa Gueye edited comment on WFLY-13379 at 4/21/20 10:29 AM:
-------------------------------------------------------------

This is a known issue, and it is related to UNDERTOW-1637

A fix is expected in EAP 7.3.1 as per JBEAP-18488 ; and in EAP 7.2.8 as per JBEAP-18378

There are some simple workarounds also available as per KB Solution https://access.redhat.com/solutions/4677911
 


was (Author: rhn-support-igueye):
This is a known issue is related to UNDERTOW-1637

A fix is expected in EAP 7.3.1 as per JBEAP-18488 ; and in EAP 7.2.8 as per JBEAP-18378

There are some simple workarounds also available as per KB Solution https://access.redhat.com/solutions/4677911
 

> Redirect after "j_security_check" login does not work if URL has no trailing slash
> ----------------------------------------------------------------------------------
>
>                 Key: WFLY-13379
>                 URL: https://issues.redhat.com/browse/WFLY-13379
>             Project: WildFly
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: 19.0.0.Final
>            Reporter: Wolfgang Knauf
>            Assignee: Darran Lofthouse
>            Priority: Major
>         Attachments: Security.ear, configure.cli, restore-configuration.cli
>
>
> Attached file "Security.ear" contains a web application with a single jsp page "index.jsp" and form based login, which is secured by a Database Identity Store (Elytron). 
> When calling the root URL of the webapp without specifiying any page and {color:red}*no*{color} trailing slash (http://localhost:8080/SecurityWeb), on WildFly 11 the login form is shown, and then the welcome file "index.jsp" is shown.
> On WildFly 19, the login form is shown, and after successful login, there is an error message "404 - Not Found", and the URL in the adress bar changes to http://localhost:8080/j_security_check
> It works if the URL is "http://localhost:8080/SecurityWeb/" (trailing slash). It seems WildFly 11 appends the "/" automatically when redirecting to the login form, while WildFly 19 keeps this URL.
> To run the sample, you have to add the Elytron config - the script "configure.cli" can be used for this: 
> jboss-cli.bat --file=path_to\configure.cli
> The script "restore-configuration.cli" undoes this configuration.
> Username/Password are e.g. "admin"/"admin" - the sample creates a user table based on an ejb and "import.sql" inserts users.



--
This message was sent by Atlassian Jira
(v7.13.8#713008)

More information about the jboss-jira mailing list