[MAGNOLIA-1385] Allow SecurityFilter to authenticate also on unprotected page Created: 17/Feb/07  Updated: 17/Feb/07  Resolved: 17/Feb/07

Status: Closed
Project: Magnolia
Component/s: security
Affects Version/s: 3.0.1
Fix Version/s: 3.1 M1

Type: Improvement Priority: Minor
Reporter: Fabrizio Giustina Assignee: Fabrizio Giustina
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Template:
Acceptance criteria:
Empty
Task DoD:
[ ]* Doc/release notes changes? Comment present?
[ ]* Downstream builds green?
[ ]* Solution information and context easily available?
[ ]* Tests
[ ]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)

 Description   

SecurityFilter tries to authenticate a user only when a secure url is called. For some use cases it would be nice to be able to force it to authenticate always when the userid/password parameters are available in the request.
A typical use is in a public site, where you have a login form on any page which doesn't point to a protected resource, but simply allows the user to login while staying on the current page.



 Comments   
Comment by Fabrizio Giustina [ 17/Feb/07 ]

implemented in trunk. Documentation added to SecurityFilter javadocs

Generated at Mon Feb 12 03:26:24 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.