[ http://jira.magnolia-cms.com/browse/MAGNOLIA-4449?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Grégory Joseph updated MAGNOLIA-4449: ------------------------------------- Comment: was deleted (was: If an issue is obsolete, it's not "fixed", and shouldn't have a fix version, IMO. (unsetting the fix version field to generate release-participants list)) > Protected Page does not redirect to the login page > -------------------------------------------------- > > Key: MAGNOLIA-4449 > URL: http://jira.magnolia-cms.com/browse/MAGNOLIA-4449 > Project: Magnolia > Issue Type: Bug > Security Level: Public > Components: security > Affects Versions: 4.4.6, 4.5, 4.5.7 > Reporter: Christian Ringele > Assignee: Ondřej Chytil > Priority: Critical > Fix For: 4.5.7 > > > Anonymous role has deny access to /demo-project/members-area/protected* , > this rule should be used in > {{info.magnolia.cms.security.URISecurityFilter.isAuthorized(HttpServletRequest)}}, > but this doesn't happen due to this rule pattern doesn't match with current > uri. {{info.magnolia.cms.core.AggregationState.getCurrentURI()}} has value > "/members-area/protected" because > {{info.magnolia.module.extendedtemplatingkit.filters.MultiSiteFilter}} > removes site definition name from uri. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.magnolia-cms.com/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira ---------------------------------------------------------------- For list details, see: http://www.magnolia-cms.com/community/mailing-lists.html Alternatively, use our forums: http://forum.magnolia-cms.com/ To unsubscribe, E-mail to: <dev-list-unsubscr...@magnolia-cms.com> ----------------------------------------------------------------