Redirect after logout does not work with form authentication ------------------------------------------------------------
Key: SLING-1847 URL: https://issues.apache.org/jira/browse/SLING-1847 Project: Sling Issue Type: Bug Components: Authentication Affects Versions: Auth Core 1.0.2, Form Based Authentication 1.0.0 Reporter: Eric Norman The redirectAfterLogout method of org.apache.sling.auth.core.impl.SlingAuthenticator is looking for a request attribute or parameter named "resource" to decide where to redirect after logout. But, if there is a request parameter named "resource" on the request, the request never makes it to the LogoutServlet because the authenticationSucceeded method of the FormAuthenticationHandler is also looking for a request parameter with the same name and immediately redirecting to the specified resource which terminates the rest of the request processing. The user is never logged out before redirecting to the resource. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.