[seam-issues] [JBoss JIRA] Updated: (JBSEAM-4604) Tokenbase remember me: redirected to login, if login required (tryLogin not invoked)
Dieter Rehbein (JIRA)
jira-events at lists.jboss.org
Fri Mar 19 02:48:37 EDT 2010
[ https://jira.jboss.org/jira/browse/JBSEAM-4604?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dieter Rehbein updated JBSEAM-4604:
-----------------------------------
Description:
If your application uses the token based remember me feature and open a page, which requires login, a redirect to the login page is performed, even if the user could be logged in silently.
To fix this, the method isLoginRedirectRequired(String viewId, Page page) in class org.jboss.seam.navigation.Pages has to be changed
from
private boolean isLoginRedirectRequired(String viewId, Page page)
{
return page.isLoginRequired() &&
!viewId.equals( getLoginViewId() ) &&
!Identity.instance().isLoggedIn();
}
to:
private boolean isLoginRedirectRequired(String viewId, Page page)
{
if (page.isLoginRequired() && !viewId.equals(getLoginViewId()))
{
return !Identity.instance().tryLogin();
}
else
{
return false;
}
}
was:
If your application uses the token based remember me feature and open a page, which requires login, a redirect to the login page is performed, even if the user could be logged in silently.
To fix this, the method isLoginRedirectRequired(String viewId, Page page) has to be changed
from
private boolean isLoginRedirectRequired(String viewId, Page page)
{
return page.isLoginRequired() &&
!viewId.equals( getLoginViewId() ) &&
!Identity.instance().isLoggedIn();
}
to:
private boolean isLoginRedirectRequired(String viewId, Page page)
{
if (page.isLoginRequired() && !viewId.equals(getLoginViewId()))
{
return !Identity.instance().tryLogin();
}
else
{
return false;
}
}
> Tokenbase remember me: redirected to login, if login required (tryLogin not invoked)
> ------------------------------------------------------------------------------------
>
> Key: JBSEAM-4604
> URL: https://jira.jboss.org/jira/browse/JBSEAM-4604
> Project: Seam
> Issue Type: Bug
> Components: Core, Security
> Affects Versions: 2.2.0.GA
> Reporter: Dieter Rehbein
>
> If your application uses the token based remember me feature and open a page, which requires login, a redirect to the login page is performed, even if the user could be logged in silently.
> To fix this, the method isLoginRedirectRequired(String viewId, Page page) in class org.jboss.seam.navigation.Pages has to be changed
> from
> private boolean isLoginRedirectRequired(String viewId, Page page)
> {
> return page.isLoginRequired() &&
> !viewId.equals( getLoginViewId() ) &&
> !Identity.instance().isLoggedIn();
> }
> to:
> private boolean isLoginRedirectRequired(String viewId, Page page)
> {
> if (page.isLoginRequired() && !viewId.equals(getLoginViewId()))
> {
> return !Identity.instance().tryLogin();
> }
> else
> {
> return false;
> }
> }
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the seam-issues
mailing list