SLING-5636 : Form Authentication handler does not redirect to login form with non ROOT context. Apply patch from Guillaume Lucazeau
git-svn-id: https://svn.apache.org/repos/asf/sling/trunk@1737972 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java b/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java
index d14c8c6..b821dd6 100644
--- a/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java
+++ b/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java
@@ -312,6 +312,7 @@
* the secure user data is not present either in the cookie or an HTTP
* Session.
*/
+ @Override
public AuthenticationInfo extractCredentials(HttpServletRequest request,
HttpServletResponse response) {
@@ -355,6 +356,7 @@
* form. No further checks are applied, though, before sending back the
* 403/FORBIDDEN response.
*/
+ @Override
public boolean requestCredentials(HttpServletRequest request,
HttpServletResponse response) throws IOException {
@@ -410,7 +412,7 @@
}
try {
- AuthUtil.sendRedirect(request, response, loginForm, params);
+ AuthUtil.sendRedirect(request, response, request.getContextPath() + loginForm, params);
} catch (IOException e) {
log.error("Failed to redirect to the login form " + loginForm, e);
}
@@ -422,6 +424,7 @@
* Clears all authentication state which might have been prepared by this
* authentication handler.
*/
+ @Override
public void dropCredentials(HttpServletRequest request,
HttpServletResponse response) {
authStorage.clear(request, response);
@@ -895,6 +898,7 @@
this.defaultCookieDomain = defaultCookieDomain;
}
+ @Override
public String extractAuthenticationInfo(HttpServletRequest request) {
Cookie[] cookies = request.getCookies();
if (cookies != null) {
@@ -918,6 +922,7 @@
return null;
}
+ @Override
public void set(HttpServletRequest request,
HttpServletResponse response, String authData, AuthenticationInfo info) {
// base64 encode to handle any special characters
@@ -943,6 +948,7 @@
}
}
+ @Override
public void clear(HttpServletRequest request,
HttpServletResponse response) {
Cookie oldCookie = null;
@@ -1022,6 +1028,7 @@
this.sessionAttributeName = sessionAttributeName;
}
+ @Override
public String extractAuthenticationInfo(HttpServletRequest request) {
HttpSession session = request.getSession(false);
if (session != null) {
@@ -1033,6 +1040,7 @@
return null;
}
+ @Override
public void set(HttpServletRequest request,
HttpServletResponse response, String authData, AuthenticationInfo info) {
// store the auth hash as a session attribute
@@ -1040,6 +1048,7 @@
session.setAttribute(sessionAttributeName, authData);
}
+ @Override
public void clear(HttpServletRequest request,
HttpServletResponse response) {
HttpSession session = request.getSession(false);