-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
web-examples auth java example error #55
Comments
What do you expect to happen if the user goes directly to the login page? |
To be able to login and be redirected to http://127.0.0.1:8080/private/private_page.html private page. |
How is the form login handler going to know where to redirect you to, if you went directly to the login page? The best we can do here is put up a default direct login page, e.g. "You are now logged in". |
Ok, I think I got it. |
I tried the following example https://github.com/vert-x3/vertx-examples/blob/master/web-examples/src/main/java/io/vertx/example/web/auth/Server.java
and I have the following error.
Using session cookies without https could make you susceptible to session hijacking: http://0.0.0.0:8080/login
Using session cookies without https could make you susceptible to session
hijacking: http://0.0.0.0:8080/loginhandler
Unexpected exception in route
java.lang.IllegalStateException: Logged in OK, but no return URL
at io.vertx.ext.web.handler.impl.FormLoginHandlerImpl.lambda$handle$113(FormLoginHandlerImpl.java:78)
at io.vertx.ext.web.handler.impl.FormLoginHandlerImpl$$Lambda$80/1130099548.handle(Unknown Source)
at io.vertx.core.impl.FutureImpl.checkCallHandler(FutureImpl.java:135)
at io.vertx.core.impl.FutureImpl.setHandler(FutureImpl.java:100)
at io.vertx.core.impl.ContextImpl.lambda$null$13(ContextImpl.java:275)
at io.vertx.core.impl.ContextImpl$$Lambda$83/1571927301.handle(Unknown Source)
at io.vertx.core.impl.ContextImpl.lambda$wrapTask$15(ContextImpl.java:312)
at io.vertx.core.impl.ContextImpl$$Lambda$6/866191240.run(Unknown Source)
at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:380)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:357)
at io.netty.util.concurrent.SingleThreadEventExecutor$2.run(SingleThreadEventExecutor.java:116)
at java.lang.Thread.run(Thread.java:745)
This behaviour happens when
1] If I directly enter the following URL in the browser
http://127.0.0.1:8080/loginpage.html
It does not work even if I access the login page and enter the correct login
and password.
Here is the outcome -> Internal Server Error
2] On the other side, if I enter go directly to home page http://127.0.0.1:8080 and follow the following URL in the browser : http://127.0.0.1:8080/private/private_page.html
It does work.
I think the problem in the routage implementation.
It does not cover the exception when I enter directly the URL in the input bar of the browser.
Thanks.
Kind Regards
Frederic
The text was updated successfully, but these errors were encountered: