OpenIdAuthenticator may use incorrect redirect #6205
Assignees
Milestone
Comments
lachlan-roberts
added a commit
that referenced
this issue
Apr 22, 2021
…nit param. Signed-off-by: Lachlan Roberts <[email protected]>
lachlan-roberts
added a commit
that referenced
this issue
Apr 26, 2021
Signed-off-by: Lachlan Roberts <[email protected]>
lachlan-roberts
added a commit
that referenced
this issue
May 10, 2021
lachlan-roberts
added a commit
that referenced
this issue
May 10, 2021
lachlan-roberts
added a commit
that referenced
this issue
May 12, 2021
sbordet
pushed a commit
that referenced
this issue
May 12, 2021
lachlan-roberts
added a commit
that referenced
this issue
May 12, 2021
Signed-off-by: Lachlan Roberts <[email protected]>
lachlan-roberts
added a commit
that referenced
this issue
May 12, 2021
Signed-off-by: Lachlan Roberts <[email protected]>
This was
linked to
pull requests
May 12, 2021
lachlan-roberts
added a commit
that referenced
this issue
May 12, 2021
Signed-off-by: Lachlan Roberts <[email protected]>
sbordet
pushed a commit
that referenced
this issue
May 12, 2021
Signed-off-by: Lachlan Roberts <[email protected]>
lachlan-roberts
added a commit
that referenced
this issue
May 12, 2021
Signed-off-by: Lachlan Roberts <[email protected]>
sbordet
pushed a commit
that referenced
this issue
May 12, 2021
Signed-off-by: Lachlan Roberts <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Jetty version
Jetty 10/11
Java version
OS type/version
Description
If a javascript application is running in the background of a browser (like cometd trying to connect) and the server is stopped and then started then when the user submits a request for an address within the application the openid authenticator will likely redirect to an internal cometd url instead of the original clicked link.
2021-04-21 06:34:13.497:DEBUG:oejso.OpenIdAuthenticator:qtp640363654-49: validateRequest(Request(GET http://localhost:8080/)@5cfae74f,HTTP/1.1 200 |Date: Wed, 21 Apr 2021 11:34:13 GMT<|<|,true)
...
2021-04-21 06:34:16.399:DEBUG:oejso.OpenIdCredentials:qtp640363654-32: claims { ... }
2021-04-21 06:34:16.407:DEBUG:oejso.OpenIdAuthenticator:qtp640363654-32: authenticated OpenId{User,OPENID,DefaultUserIdentity('111707093257242721596')}->http://localhost:8080/core/connect
2021-04-21 06:34:16.414:DEBUG:oejso.OpenIdAuthenticator:qtp640363654-27: Restoring original method POST for http://localhost:8080/core/connect with method GET
2021-04-21 06:34:16.415:DEBUG:oejso.OpenIdAuthenticator:qtp640363654-27: validateRequest(Request(POST http://localhost:8080/core/connect)@5cfae74f,HTTP/1.1 200 |Date: Wed, 21 Apr 2021 11:34:16 GMT<|Set-Cookie: JSESSIONID=node01w1inwnrz1uzc1oon36n09gqm21.node0; Path=/<|Expires: Thu, 01 Jan 1970 00:00:00 GMT<|<|,true)
2021-04-21 06:34:16.415:DEBUG:oejso.OpenIdAuthenticator:qtp640363654-27: auth retry SessionAuthentication@1eb39854{-,DefaultUserIdentity('111707093257242721596')}->http://localhost:8080/core/connect
2021-04-21 06:34:16.415:DEBUG:oejso.OpenIdAuthenticator:qtp640363654-27: auth SessionAuthentication@1eb39854{-,DefaultUserIdentity('111707093257242721596')}
This looks like it might be addressed with the partially implemented 'alwaysSaveUri' functionality in the jetty-openid module. Investigating.
The text was updated successfully, but these errors were encountered: