Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

web-examples auth java example error #55

Closed
fhornain opened this issue Jun 21, 2015 · 5 comments
Closed

web-examples auth java example error #55

fhornain opened this issue Jun 21, 2015 · 5 comments

Comments

@fhornain
Copy link

I tried the following example https://github.com/vert-x3/vertx-examples/blob/master/web-examples/src/main/java/io/vertx/example/web/auth/Server.java

and I have the following error.

Using session cookies without https could make you susceptible to session hijacking: http://0.0.0.0:8080/login
Using session cookies without https could make you susceptible to session

hijacking: http://0.0.0.0:8080/loginhandler
Unexpected exception in route
java.lang.IllegalStateException: Logged in OK, but no return URL
at io.vertx.ext.web.handler.impl.FormLoginHandlerImpl.lambda$handle$113(FormLoginHandlerImpl.java:78)
at io.vertx.ext.web.handler.impl.FormLoginHandlerImpl$$Lambda$80/1130099548.handle(Unknown Source)
at io.vertx.core.impl.FutureImpl.checkCallHandler(FutureImpl.java:135)
at io.vertx.core.impl.FutureImpl.setHandler(FutureImpl.java:100)
at io.vertx.core.impl.ContextImpl.lambda$null$13(ContextImpl.java:275)
at io.vertx.core.impl.ContextImpl$$Lambda$83/1571927301.handle(Unknown Source)
at io.vertx.core.impl.ContextImpl.lambda$wrapTask$15(ContextImpl.java:312)
at io.vertx.core.impl.ContextImpl$$Lambda$6/866191240.run(Unknown Source)
at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:380)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:357)
at io.netty.util.concurrent.SingleThreadEventExecutor$2.run(SingleThreadEventExecutor.java:116)
at java.lang.Thread.run(Thread.java:745)

This behaviour happens when

1] If I directly enter the following URL in the browser
http://127.0.0.1:8080/loginpage.html
It does not work even if I access the login page and enter the correct login
and password.

Here is the outcome -> Internal Server Error

2] On the other side, if I enter go directly to home page http://127.0.0.1:8080 and follow the following URL in the browser : http://127.0.0.1:8080/private/private_page.html
It does work.

I think the problem in the routage implementation.
It does not cover the exception when I enter directly the URL in the input bar of the browser.

Thanks.

Kind Regards
Frederic
@purplefox
Copy link
Contributor

What do you expect to happen if the user goes directly to the login page?

@fhornain
Copy link
Author

To be able to login and be redirected to http://127.0.0.1:8080/private/private_page.html private page.
The problem is when I do that, I have the "Internal Server Error" error message.

@purplefox
Copy link
Contributor

How is the form login handler going to know where to redirect you to, if you went directly to the login page?

The best we can do here is put up a default direct login page, e.g. "You are now logged in".

@fhornain
Copy link
Author

Ok, I think I got it.
Thanks.
/f

@purplefox purplefox mentioned this issue Jun 21, 2015
Merged
@purplefox
Copy link
Contributor

vert-x3/vertx-web#138

@purplefox purplefox removed the Planned label Jun 21, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@purplefox @fhornain