Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-19072

[GSS](7.2.z) j_security_check fails without trailing slash redirect

    XMLWordPrintable

Details

    • Bug
    • Resolution: Duplicate
    • Major
    • None
    • 7.2.7.GA
    • Undertow
    • None
    • Workaround Exists
    • Hide

      Use an expression filter to add the trailing slash for the app context:

                      <expression-filter name="appRedirect" expression="regex('^/SimpleWar$') -> redirect ('/SimpleWar/')"/>
      Show
      Use an expression filter to add the trailing slash for the app context: <expression-filter name= "appRedirect" expression= "regex( '^/SimpleWar$' ) -> redirect ( '/SimpleWar/' )" />
    • Hide

      -Deploy SimpleWar
      -Run with provided standalone xml and users.properties and roles.properties
      -Request locahost:8080/SimpleWar and attempt logging in (admin/admin)

      Show
      -Deploy SimpleWar -Run with provided standalone xml and users.properties and roles.properties -Request locahost:8080/SimpleWar and attempt logging in (admin/admin)

    Description

      After UNDERTOW-1578, a trailing slash redirect is not done before the form login page is presented. This results in the context being lost for the j_security_check POST and it fails:

      localhost.localdomain - - [25/Mar/2020:15:51:42 -0400] "POST /j_security_check;jsessionid=2rinyfprMaTeJG4yNWSNptFHZvr73Vd1paGSWcOt HTTP/1.1" 405 104 "http://localhost:8080/SimpleWar" "Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0" -

      Attachments

        Issue Links

          duplicates

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-18378 [GSS](7.2.z) UNDERTOW-1637 - Http-404 is returned when accessing protected application context resource without a trailing slash

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Verified
          is caused by

          Bug - A problem that impairs or prevents the functions of the product. UNDERTOW-1578 401 Unauthorized should be returned when requesting a protected directory without trailing slash

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved

          Activity

            People

              flaviarnn Flavia Rainone
              rhn-support-aogburn Aaron Ogburn
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: