Uploaded image for project: 'Undertow'
  1. Undertow
  2. UNDERTOW-958

FORM authentication fails to change URL session id after login

XMLWordPrintable

    • Hide

      -Put attached configurations and deployment (UNDERTOW-958-test.zip) in place
      -Launch jboss (./standalone.sh -c undertow958.xml)
      -Access the application (localhost:8080/undertow958) and attempt to login with admin/admin

      Show
      -Put attached configurations and deployment ( UNDERTOW-958 -test.zip) in place -Launch jboss (./standalone.sh -c undertow958.xml) -Access the application (localhost:8080/undertow958) and attempt to login with admin/admin

      URL session tracking does not work with FORM authentication. This is because the session id is changed after login, but the jsessionid in the URL is not updated accordingly. Thus, post login requests use the old jsessionid and fail.

            sdouglas1@redhat.com Stuart Douglas
            rhn-support-aogburn Aaron Ogburn
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: