Uploaded image for project: 'atlassian-seraph'
  1. atlassian-seraph
  2. SER-132

When a user does not have the required role to access a resource, the URL that SecurityFilter redirects to should be customizable

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Timed out
    • Medium
    • None
    • 0.38.3
    • None
    • true

    Description

      Right now, seraph automatically redirects to login.url specified in seraph-config.xml. This can be confusing as the login page does not inform the user that they are on that screen because they lack the required role.

      What's worse is that after entering the correct credentials, they are again redirected back to the same page, leaving the user caught in an infinite authentication loop. Nothing's changed; the user still lacks the required role and sending them to a page to enter their username and password again is not very useful.

      We should allow users to specify a separate URL to redirect to in these circumstances.

      Attachments

        Activity

          People

            Unassigned Unassigned
            dave@atlassian.com dave (Inactive)
            Votes:
            4 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:
              15 years, 15 weeks, 4 days ago