[
https://issues.apache.org/jira/browse/SLING-1847?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Eric Norman reassigned SLING-1847:
----------------------------------
Assignee: Eric Norman
> Redirect after logout does not work with form authentication
> ------------------------------------------------------------
>
> Key: SLING-1847
> URL: https://issues.apache.org/jira/browse/SLING-1847
> Project: Sling
> Issue Type: Bug
> Components: Authentication
> Affects Versions: Form Based Authentication 1.0.0, Auth Core 1.0.2
> Reporter: Eric Norman
> Assignee: Eric Norman
>
> The redirectAfterLogout method of
> org.apache.sling.auth.core.impl.SlingAuthenticator is looking for a request
> attribute or parameter named "resource" to decide where to redirect after
> logout.
> But, if there is a request parameter named "resource" on the request, the
> request never makes it to the LogoutServlet because the
> authenticationSucceeded method of the FormAuthenticationHandler is also
> looking for a request parameter with the same name and immediately
> redirecting to the specified resource which terminates the rest of the
> request processing. The user is never logged out before redirecting to the
> resource.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
