Skip to main content
aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJan Bartel2012-05-22 07:13:10 -0400
committerJan Bartel2012-05-22 07:13:10 -0400
commit37bce89b8ffbd426fefdfa4add2a665c98bfac7f (patch)
treee1387cbb16ed4ff5fcfe7c53816f9413f09cf11a /jetty-security/src/main/java
parent5420009f0f2bbdb4dcc1cdfe31c29b0a54a6c007 (diff)
downloadorg.eclipse.jetty.project-37bce89b8ffbd426fefdfa4add2a665c98bfac7f.tar.gz
org.eclipse.jetty.project-37bce89b8ffbd426fefdfa4add2a665c98bfac7f.tar.xz
org.eclipse.jetty.project-37bce89b8ffbd426fefdfa4add2a665c98bfac7f.zip
379909 FormAuthenticator Rembers only the URL of first Request before authentication
Diffstat (limited to 'jetty-security/src/main/java')
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java27
1 files changed, 24 insertions, 3 deletions
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java
index c21768fde1..dcd91498f3 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java
@@ -77,6 +77,7 @@ public class FormAuthenticator extends LoginAuthenticator
private String _formLoginPage;
private String _formLoginPath;
private boolean _dispatch;
+ private boolean _alwaysSaveUri;
public FormAuthenticator()
{
@@ -95,6 +96,26 @@ public class FormAuthenticator extends LoginAuthenticator
/* ------------------------------------------------------------ */
/**
+ * If true, uris that cause a redirect to a login page will always
+ * be remembered. If false, only the first uri that leads to a login
+ * page redirect is remembered.
+ * See https://bugs.eclipse.org/bugs/show_bug.cgi?id=379909
+ * @param alwaysSave
+ */
+ public void setAlwaysSaveUri (boolean alwaysSave)
+ {
+ _alwaysSaveUri = alwaysSave;
+ }
+
+
+ /* ------------------------------------------------------------ */
+ public boolean getAlwaysSaveUri ()
+ {
+ return _alwaysSaveUri;
+ }
+
+ /* ------------------------------------------------------------ */
+ /**
* @see org.eclipse.jetty.security.authentication.LoginAuthenticator#setConfiguration(org.eclipse.jetty.security.Authenticator.AuthConfiguration)
*/
@Override
@@ -279,9 +300,9 @@ public class FormAuthenticator extends LoginAuthenticator
// remember the current URI
synchronized (session)
{
- // But only if it is not set already
- if (session.getAttribute(__J_URI)==null)
- {
+ // But only if it is not set already, or we save every uri that leads to a login form redirect
+ if (session.getAttribute(__J_URI)==null || _alwaysSaveUri)
+ {
StringBuffer buf = request.getRequestURL();
if (request.getQueryString() != null)
buf.append("?").append(request.getQueryString());

Back to the top