-
Notifications
You must be signed in to change notification settings - Fork 1.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OpenIdAuthenticator may use incorrect redirect #6205
Milestone
Comments
lachlan-roberts
added a commit
that referenced
this issue
Apr 22, 2021
…nit param. Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
lachlan-roberts
added a commit
that referenced
this issue
Apr 26, 2021
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
lachlan-roberts
added a commit
that referenced
this issue
May 10, 2021
lachlan-roberts
added a commit
that referenced
this issue
May 10, 2021
lachlan-roberts
added a commit
that referenced
this issue
May 12, 2021
sbordet
pushed a commit
that referenced
this issue
May 12, 2021
lachlan-roberts
added a commit
that referenced
this issue
May 12, 2021
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
lachlan-roberts
added a commit
that referenced
this issue
May 12, 2021
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
This was
linked to
pull requests
May 12, 2021
lachlan-roberts
added a commit
that referenced
this issue
May 12, 2021
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
sbordet
pushed a commit
that referenced
this issue
May 12, 2021
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
lachlan-roberts
added a commit
that referenced
this issue
May 12, 2021
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
sbordet
pushed a commit
that referenced
this issue
May 12, 2021
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Jetty version
Jetty 10/11
Java version
OS type/version
Description
If a javascript application is running in the background of a browser (like cometd trying to connect) and the server is stopped and then started then when the user submits a request for an address within the application the openid authenticator will likely redirect to an internal cometd url instead of the original clicked link.
2021-04-21 06:34:13.497:DEBUG:oejso.OpenIdAuthenticator:qtp640363654-49: validateRequest(Request(GET http://localhost:8080/)@5cfae74f,HTTP/1.1 200 |Date: Wed, 21 Apr 2021 11:34:13 GMT<|<|,true)
...
2021-04-21 06:34:16.399:DEBUG:oejso.OpenIdCredentials:qtp640363654-32: claims { ... }
2021-04-21 06:34:16.407:DEBUG:oejso.OpenIdAuthenticator:qtp640363654-32: authenticated OpenId{User,OPENID,DefaultUserIdentity('111707093257242721596')}->http://localhost:8080/core/connect
2021-04-21 06:34:16.414:DEBUG:oejso.OpenIdAuthenticator:qtp640363654-27: Restoring original method POST for http://localhost:8080/core/connect with method GET
2021-04-21 06:34:16.415:DEBUG:oejso.OpenIdAuthenticator:qtp640363654-27: validateRequest(Request(POST http://localhost:8080/core/connect)@5cfae74f,HTTP/1.1 200 |Date: Wed, 21 Apr 2021 11:34:16 GMT<|Set-Cookie: JSESSIONID=node01w1inwnrz1uzc1oon36n09gqm21.node0; Path=/<|Expires: Thu, 01 Jan 1970 00:00:00 GMT<|<|,true)
2021-04-21 06:34:16.415:DEBUG:oejso.OpenIdAuthenticator:qtp640363654-27: auth retry SessionAuthentication@1eb39854{-,DefaultUserIdentity('111707093257242721596')}->http://localhost:8080/core/connect
2021-04-21 06:34:16.415:DEBUG:oejso.OpenIdAuthenticator:qtp640363654-27: auth SessionAuthentication@1eb39854{-,DefaultUserIdentity('111707093257242721596')}
This looks like it might be addressed with the partially implemented 'alwaysSaveUri' functionality in the jetty-openid module. Investigating.
The text was updated successfully, but these errors were encountered: