Browser bypasses authentication step [message #1063619] |
Thu, 13 June 2013 14:14 |
Boy D'Poy Messages: 67 Registered: October 2011 |
Member |
|
|
Hi!
Lets suppose that I have a simple Scout/Rap application with the Basic authentication method activated.
At logging out, everything works fine (I'm correctly logged out to the given LogoutFilter#logoutLandingUrl, the session is cleared and freed ... I think ... this is what I realize at least at monitoring the application at : http://localhost:8080/test/process...).
But when I try to reopen http://localhost:8082/web, Im not asked to supply credentials, but directly logged on as the previous user.
What's wrong and what should I do to enforce the browser to authenticate the next user?
Thank you!
Once You Go Scout, You Never Come Out!
|
|
|
|
Re: Browser bypasses authentication step [message #1064326 is a reply to message #1064181] |
Tue, 18 June 2013 18:07 |
Boy D'Poy Messages: 67 Registered: October 2011 |
Member |
|
|
Hi!
Thank you for the reply, but the LogoutFilter behaviour is not the problem.
The same problem occurs even in the previous version of Scout (3.8.x).
Steps to reproduce the bug:
1-With the SDK, create a well compiling and running project from scratch,
and implement:
--a/ the deconnection code AbstractSession#stopSession() .
--b/ the basic authentication mode using for example .
2-Try to connect to the application : at that point, the browser requires you to supply your credentials.
3-Choose for example allen/allen.
4-Disconnect from the implemented action : at that point allen's session is cleared, you can monitor it 2 minutes after at : http://localhost:8080/test/process .
5-DO NOT CLOSE YOUR BROWSER and try to connect again to : http://localhost:8082/web:
at that point occurs the ABNORMAL BEHAVIOUR (I THINK): NO PROMPT DIALOG is displayed and you are automatically logged in as allen ... each time you repeat these steps ... until you choose to close your browser. ;(
So how is it possible at step 5 to enforce the browser showing before continuing, the authentication dialog box?
Regards!
Once You Go Scout, You Never Come Out!
[Updated on: Tue, 18 June 2013 18:58] Report message to a moderator
|
|
|
|
Powered by
FUDForum. Page generated in 0.03071 seconds