Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

WASReqURL cookie path is not set when the context root of an application is set to root. #7920

Closed
toshiyamamoto opened this issue Jun 18, 2019 · 0 comments
Closed

WASReqURL cookie path is not set when the context root of an application is set to root. #7920

toshiyamamoto opened this issue Jun 18, 2019 · 0 comments
Assignees
@toshiyamamoto
Labels
release bug This bug is present in a released version of Open Liberty release:19007 team:Core Security

Comments

@toshiyamamoto
Copy link
Contributor

toshiyamamoto commented Jun 18, 2019
edited
Loading

When the context root of a web application is set to root "/", when a http request is redirected to the form login page, a setCookie of WASReqURL cookie does not have a cookie path value. As a result, a redirection to the original URL might fail since the WASReqURL cookie might not be sent from a client during authentication. Note that this issue only happens when includePathInWASReqURL is set as true.
@toshiyamamoto toshiyamamoto added team:Core Security release bug This bug is present in a released version of Open Liberty labels Jun 18, 2019
@toshiyamamoto toshiyamamoto self-assigned this Jun 18, 2019
@toshiyamamoto toshiyamamoto mentioned this issue Jun 20, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@toshiyamamoto toshiyamamoto

Labels
release bug This bug is present in a released version of Open Liberty release:19007 team:Core Security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@toshiyamamoto @LibbyBot