commit 1a431a80457bdb28a62b184176052c2034b0859a
author Carsten Ziegeler <cziegeler@apache.org> Wed Apr 06 12:10:23 2016 +0000
committer Carsten Ziegeler <cziegeler@apache.org> Wed Apr 06 12:10:23 2016 +0000
tree 8d2ba60fd6faf38a1d56d333f3e1e2dbb5ecc0a5
parent 3febb1d4af9d96e681b6bb892934a02679900283

SLING-5636 : Form Authentication handler does not redirect to login form with non ROOT context. Apply patch from Guillaume Lucazeau

git-svn-id: https://svn.apache.org/repos/asf/sling/trunk@1737972 13f79535-47bb-0310-9956-ffa450edef68

src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java

diff --git a/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java b/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java
index d14c8c6..b821dd6 100644
--- a/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java
+++ b/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java
@@ -312,6 +312,7 @@
      * the secure user data is not present either in the cookie or an HTTP
      * Session.
      */
+    @Override
     public AuthenticationInfo extractCredentials(HttpServletRequest request,
             HttpServletResponse response) {
 
@@ -355,6 +356,7 @@
      * form. No further checks are applied, though, before sending back the
      * 403/FORBIDDEN response.
      */
+    @Override
     public boolean requestCredentials(HttpServletRequest request,
             HttpServletResponse response) throws IOException {
 
@@ -410,7 +412,7 @@
         }
 
         try {
-            AuthUtil.sendRedirect(request, response, loginForm, params);
+            AuthUtil.sendRedirect(request, response, request.getContextPath() + loginForm, params);
         } catch (IOException e) {
             log.error("Failed to redirect to the login form " + loginForm, e);
         }
@@ -422,6 +424,7 @@
      * Clears all authentication state which might have been prepared by this
      * authentication handler.
      */
+    @Override
     public void dropCredentials(HttpServletRequest request,
             HttpServletResponse response) {
         authStorage.clear(request, response);
@@ -895,6 +898,7 @@
             this.defaultCookieDomain = defaultCookieDomain;
         }
 
+        @Override
         public String extractAuthenticationInfo(HttpServletRequest request) {
             Cookie[] cookies = request.getCookies();
             if (cookies != null) {
@@ -918,6 +922,7 @@
             return null;
         }
 
+        @Override
         public void set(HttpServletRequest request,
                 HttpServletResponse response, String authData, AuthenticationInfo info) {
             // base64 encode to handle any special characters
@@ -943,6 +948,7 @@
             }
         }
 
+        @Override
         public void clear(HttpServletRequest request,
                 HttpServletResponse response) {
             Cookie oldCookie = null;
@@ -1022,6 +1028,7 @@
             this.sessionAttributeName = sessionAttributeName;
         }
 
+        @Override
         public String extractAuthenticationInfo(HttpServletRequest request) {
             HttpSession session = request.getSession(false);
             if (session != null) {
@@ -1033,6 +1040,7 @@
             return null;
         }
 
+        @Override
         public void set(HttpServletRequest request,
                 HttpServletResponse response, String authData, AuthenticationInfo info) {
             // store the auth hash as a session attribute
@@ -1040,6 +1048,7 @@
             session.setAttribute(sessionAttributeName, authData);
         }
 
+        @Override
         public void clear(HttpServletRequest request,
                 HttpServletResponse response) {
             HttpSession session = request.getSession(false);