Tynamo
  1. Tynamo
  2. TYNAMO-110

redirect to login page for pages secured with @RequiresXXX annotations

    Details

    • Type: Improvement Improvement
    • Status: Closed Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: security-0.3.1, security-0.4.0
    • Fix Version/s: security-0.4.1
    • Component/s: security
    • Labels:
      None
    • Number of attachments :
      0

      Description

      There is a slightly difference between the way the AuthorizationFilter and AuthenticationFilter redirect to the login page, and the way the ShiroExceptionHandler redirects to the login page.

      This means that these two options do not behave exactly in the same way.

      1) @RequiresRole("admin") public class Index {
      2) configuration.add(factory.createChain("/").add(factory.roles(),"admin").build());

      The option number 2 uses WebUtils.issueRedirect and returns a 301 redirect_ pointing to the login page to the client.

      The @RequiresRole("admin") annotation uses the ShiroExceptionHandler and does an "internal" tapestry redirect to the login page. That is it will not return a 301 redirect to the login page and it won't change the original "window.location". This creates some difficulties when working with SSL and it's the root cause of the issue explained in TYNAMO-103.

        Issue Links

          Activity

          Alejandro Scandroli made changes -
          Field Original Value New Value
          Status Open [ 1 ] Resolved [ 5 ]
          Fix Version/s security-0.4.1 [ 17404 ]
          Resolution Fixed [ 1 ]
          Alejandro Scandroli made changes -
          Link This issue relates to TYNAMO-103 [ TYNAMO-103 ]
          Kalle Korhonen made changes -
          Resolution Fixed [ 1 ]
          Status Resolved [ 5 ] Reopened [ 4 ]
          Assignee Alejandro Scandroli [ ascandroli ] Kalle Korhonen [ kaosko ]
          Kalle Korhonen made changes -
          Status Reopened [ 4 ] Resolved [ 5 ]
          Resolution Fixed [ 1 ]
          Alejandro Scandroli made changes -
          Status Resolved [ 5 ] Closed [ 6 ]

            People

            • Assignee:
              Kalle Korhonen
              Reporter:
              Alejandro Scandroli
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: