[
http://jira.magnolia-cms.com/browse/MAGNOLIA-4449?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Grégory Joseph updated MAGNOLIA-4449:
-------------------------------------
Comment: was deleted
(was: If an issue is obsolete, it's not "fixed", and shouldn't have a fix
version, IMO.
(unsetting the fix version field to generate release-participants list))
> Protected Page does not redirect to the login page
> --------------------------------------------------
>
> Key: MAGNOLIA-4449
> URL: http://jira.magnolia-cms.com/browse/MAGNOLIA-4449
> Project: Magnolia
> Issue Type: Bug
> Security Level: Public
> Components: security
> Affects Versions: 4.4.6, 4.5, 4.5.7
> Reporter: Christian Ringele
> Assignee: Ondřej Chytil
> Priority: Critical
> Fix For: 4.5.7
>
>
> Anonymous role has deny access to /demo-project/members-area/protected* ,
> this rule should be used in
> {{info.magnolia.cms.security.URISecurityFilter.isAuthorized(HttpServletRequest)}},
> but this doesn't happen due to this rule pattern doesn't match with current
> uri. {{info.magnolia.cms.core.AggregationState.getCurrentURI()}} has value
> "/members-area/protected" because
> {{info.magnolia.module.extendedtemplatingkit.filters.MultiSiteFilter}}
> removes site definition name from uri.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.magnolia-cms.com/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
----------------------------------------------------------------
For list details, see: http://www.magnolia-cms.com/community/mailing-lists.html
Alternatively, use our forums: http://forum.magnolia-cms.com/
To unsubscribe, E-mail to: <dev-list-unsubscr...@magnolia-cms.com>
----------------------------------------------------------------
