-
Improvement
-
Resolution: Fixed
-
Neutral
-
None
-
-
Empty show more show less
-
Yes
Due to MAGNOLIA-5991 the redirect behavior after authentication was changed in the LoginFilter.
This has some negative impacts to customer implementations regarding public user related "portals", in short words of the customer:
"Actually I think a 'redirect to some dynamic page after login mechanism' should really be a default feature in Magnolia. I mean, any CMS/platform that provides public users and authentication should provide a way to redirect users back to where they came from after log in. It is quite a standard feature these days. Instead by default Magnolia only provides a way to redirect back to 1 single predefined page after log in."
- is causing
-
MAGNOLIA-7167 Open Redirect Vulnerabilities
- Closed
- is depended upon by
-
MAGNOLIA-6150 Replace the mgnlModelExecutionUUID hidden field in loginForm with mgnlReturnTo and the value of $targetPage
- Closed
-
MGNLPUR-150 Revert MGNLPUR-146 and replace the mgnlModelExecutionUUID hidden field in loginForm with mgnlReturnTo and the value of $targetPage
- Closed
-
MGNLSTK-1474 Replace the mgnlModelExecutionUUID hidden field in loginForm with mgnlReturnTo and the value of $targetPage
- Closed
-
MGNLWCS-109 Replace the mgnlModelExecutionUUID hidden field in loginForm with mgnlReturnTo and the value of $targetPage
- Closed
- is related to
-
MGNLPUR-146 AuthenticationModel no longer redirects after login
- Closed