Hi this looks like a bug in the login form generation. It should probably really include the path of the authentication handler registration which triggered the login form being rendered.
Can you please report a JIRA ? Thanks. Regards Felix On Wed, Oct 27, 2010 at 11:53 AM, Jos Snellings <[email protected]> wrote: > Dear sling users, > > Problem, just observed: > - activated OpenID authentication handler on content tree "noanonymous" > => when accessing a resource, sling correctly displays the OpenID > login form > however, the login form contains a form action: > <form id="loginform" method="POST" action="/j_security_check" > enctype="multipart/form-data" accept-charset="UTF-8"> > > When posting this form back, sling says: > > > Error while processing /j_security_check > > Status > 500 > Message > javax.jcr.AccessDeniedException: /j_security_check/openid_identifier: not > allowed to add or modify item > Location /j_security_check <http://localhost:8080/j_security_check> > Parent Location / <http://localhost:8080/> > Path > /j_security_check > Referer http://localhost:8080/system/sling/openid/login > ChangeLog > > created("/j_security_check"); > modified("/j_security_check/openid_identifier"); > > > So it is the POST servlet who took the request and not the authentication > handler, or ... j_security_check is not recognized. > What did I overlook? > > Thanks! > Jos > > > > > > > > > >
