Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 2.5.2
Affects Version/s: 2.5.1
Labels:
- jirastudio

Last commented by user?:
true

Description

The end of the doFilter method in BaseLoginFilter contains this code:


            // if we successfully logged in - look for an original URL to forward to
            if (LOGIN_SUCCESS.equals(status) && redirectToOriginalDestination(httpServletRequest, httpServletResponse))
            {
                return;
            }
            // NOTE : LOGIN_NOATTEMPT is a symbolic constant for null which is a language level symbolic constant for...well...null
            //noinspection StringEquality
            if (status == LOGIN_NOATTEMPT)
            {
                issuePossibleRedirectIfUserIsAlreadyLoggedIn(httpServletRequest, httpServletResponse);
            }
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);

The problem is that if issuePossibleRedirectIfUserIsAlreadyLoggedIn does in fact issue a redirect, it should exit immediately rather than continuing the filter chain, which can lead to an IllegalStateException.

Attachments

Activity

People

Assignee:: Tim Moore [Atlassian]

Reporter:: Tim Moore [Atlassian]

Participants:: Tim Moore [Atlassian]

Votes:: 1 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 27/Jul/2011 6:48 AM

Updated:: 06/Nov/2012 4:52 AM

Resolved:: 06/Nov/2012 4:52 AM

Last commented:: 11 years, 26 weeks, 6 days ago