[
https://issues.apache.org/jira/browse/SLING-1116?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12836593#action_12836593
]
Róbert Csákány commented on SLING-1116:
---------------------------------------
Maybe I make some mistake, but when It's not works for me correctly:
1. I've downloaded the Sling from trunk
2. I compiled and intalled it.
3. I've copied the WAR file to a new tomcat instance
4. I've tarted tomcat - Sling test OK
5. http://localhost:8080/system/sling/form/login in browser, the login form OK
6. After I submitted the form the following mesagge I've got:
Content created /system/sling/form/j_security_check
Status
201
Message
Created
Location /system/sling/form/j_security_check
Parent Location /system/sling/form
Path
/system/sling/form/j_security_check
Referer http://localhost:8080/system/sling/form/login
ChangeLog
created("/system/sling/form/j_security_check");
modified("/system/sling/form/j_security_check/j_username");
modified("/system/sling/form/j_security_check/j_password");
Go Back
Modified Resource
Parent of Modified Resource
So I've tried to debug what happens and I expreienced the extractCredentials
have not been called.
It seems to me the AuthenticanHandlers are not called.
What was my mistake?
> FORM Based Authentication
> -------------------------
>
> Key: SLING-1116
> URL: https://issues.apache.org/jira/browse/SLING-1116
> Project: Sling
> Issue Type: New Feature
> Components: Extensions
> Reporter: Eric Norman
> Assignee: Felix Meschberger
> Fix For: Extensions Form Based Authentication 1.0.0
>
> Attachments: org.apache.sling.cookieauth.zip,
> org.apache.sling.sessionauth.zip, SLING_1116_jackrabbit_server_patch.txt,
> update2_org.apache.sling.cookieauth.zip,
> updated_org.apache.sling.cookieauth.zip
>
>
> This is a new bundle that provides an implementation of forms based
> authentication for sling.
> The login/logout servlets from the org.apache.sling.commons.auth are used.
> The AuthenticationHandler will use http basic auth credentials if they are on
> the request, otherwise it will use the user/pwd posted from the login form.
> The login form html is generated by a set of scripts
> 1. login.html.esp - full login page (includes login_body.html.esp for the
> form markup)
> 2. login_body.html.esp - just the login form, which may be useful for
> drawing the login form for an ajax context
> 3. loginError.html.esp - full login-error page
> 4. loginError_body.html.esp - just the login-error form, for login error in
> ajax context
> The above scripts are included as bundle-resources @
> /libs/sling/servlet/default
> The bundle also has a couple of test scripts to show some examples of usage:
> 1. loginTest.html.esp - shows who is logged in and links to login or logout
> 2. loginTest2.html.esp - shows how a script can check permissions and show a
> login page if the anonymous user doesn't have permission to see the page,
> Some examples of usage are:
> 1. http://host:port/path/to/node.login.html - show the login page and then
> goto http://host:port/path/to/node after authenticated
> 2. http://host:port/path/to/node.login.html?s=.edit.html - show the login
> page and then goto http://host:port/path/to/node.edit.html after
> authenticated
> 3. http://host:port/system/sling/logout - invalidate the session and switch
> back to anonymous user
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
