Uploaded image for project: 'Seam 2'
  1. Seam 2
  2. JBSEAM-4604

Tokenbase remember me: redirected to login, if login required (tryLogin not invoked)

    Details

    • Type: Bug
    • Status: Open (View Workflow)
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 2.2.0.GA
    • Fix Version/s: None
    • Component/s: Core, Security
    • Labels:
      None
    • Workaround Description:
      Hide

      subclass Pages (with the fixed method) and install it with a higher precedence (APPLICATION)

      Show
      subclass Pages (with the fixed method) and install it with a higher precedence (APPLICATION)

      Description

      If your application uses the token based remember me feature and open a page, which requires login, a redirect to the login page is performed, even if the user could be logged in silently.

      To fix this, the method isLoginRedirectRequired(String viewId, Page page) in class org.jboss.seam.navigation.Pages has to be changed

      from

      private boolean isLoginRedirectRequired(String viewId, Page page)

      { return page.isLoginRequired() && !viewId.equals( getLoginViewId() ) && !Identity.instance().isLoggedIn(); }

      to:

      private boolean isLoginRedirectRequired(String viewId, Page page)
      {
      if (page.isLoginRequired() && !viewId.equals(getLoginViewId()))

      { return !Identity.instance().tryLogin(); }

      else

      { return false; }

      }

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                shane.bryzak Shane Bryzak
                Reporter:
                rehdie Dieter Rehbein
              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated: