Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-1950

FORM authentication not working for URL encoded session IDs

    XMLWordPrintable

Details

    Description

      The session IDs are encoded as: -

      /secure/j_security_check;jsessionid=kVzsBG9c3XxcOlzpa65ohiMeMNqXdSNQuOdvdpR3.flame

      However the code that checks if this is a submission to j_security_check is: -

      request.getRequestURI().getPath().endsWith(postLocation)

      This code needs to trim the path at ';'

      Attachments

        Activity

          People

            darran.lofthouse@redhat.com Darran Lofthouse
            darran.lofthouse@redhat.com Darran Lofthouse
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: