[HSTTWO-2723] Replace JAAS login with another mechanism - Issues

XML

Word

Printable

Details

Type: Improvement
Status: Closed
Priority: Normal
Resolution: Won't Fix
Affects Version/s: None
Fix Version/s: None
Component/s: None
Labels:
None

Description

The HST JAAS based login mechanism has no knowledge of the HST, and has caused many issues over the years. And since it's being handled by the container, is completely out of our control, and usually we have to work around it. The current implementation also seems to be tied to the tomcat servlet container and would have to be modified replaced to work with any of the other containers we support.

We should replace it with something which can be integrated with the HST, for example to respect the hst:show

{port,contextpath}

settings. Which generates redirects with the correct scheme (when https is offloaded). Ideally it would be stateless as well.

Attachments

Issue Links

relates to

HSTTWO-1519 HST authentication is not respecting hst:showcontextpath setting

Closed

HSTTWO-1592 Preview requires sticky sessions in loadbalancer

Closed

HSTTWO-2690 LoginServlet redirects do not honour the scheme

Closed

Activity

People

Assignee:: Unassigned

Reporter:: Bartosz Oudekerk

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 21/Oct/13 3:54 PM

Updated:: 14/Apr/15 10:35 AM

Resolved:: 14/Apr/15 10:35 AM