[jbossseam-issues] [JBoss JIRA] Created: (JBSEAM-3045) urlrewritefilter breaks basic authentication
Stephane Epardaud (JIRA)
jira-events at lists.jboss.org
Tue May 27 09:32:49 EDT 2008
urlrewritefilter breaks basic authentication
--------------------------------------------
Key: JBSEAM-3045
URL: http://jira.jboss.com/jira/browse/JBSEAM-3045
Project: Seam
Issue Type: Bug
Affects Versions: 2.0.1.GA
Reporter: Stephane Epardaud
In web.xml, if I configure the urlwritefilter before the seamfilter, any basic authentication defined in components.xml with
<web:authentication-filter url-pattern="/feed/*" auth-type="basic" realm="MyRealm" precedence="0"/>
will be ignored.
That is, pages in the /feed/* url space will not ask for authentication, and any security restrictions requiring those pages to be accessed as logged in users will throw exceptions.
If the urlrewritefilter is defined within the seamfilter, then all works well, except that I'm not sure outboud rewrite rules will work correctly.
I haven't found any documentation relating the order in which these filters must be declared in the Seam documentation.
If this is not a bug, perhaps it would be nice to document it?
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the seam-issues
mailing list