You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If you do servletRequest.login(user, pass) no Quakrus Cookie is created when it should be.
Workaround
A hack workaround is to manually call /j_security_check, get the response, and if it contains the set-cookie header which is set by Quarkus, I also set that cookie in the original FacesContext Response. But I don't like this approach.
@stuartwdouglas@cescoffier i am not familiar enough with how core Quarkus adds the quarkus.http.auth.form.cookie-name credential cookie but from this code it looks like SecurityContext.login(username, password) should also be doing it or maybe if not part of that it should be right after that line of code if login == true ?
Debugging this I can verify the FormAuthenticationMechanism is not in the chain.
melloware
changed the title
HttpServletRequest.login() not creating cookies
HttpServletRequest.login() not creating Form Authentication cookie
Nov 18, 2024
Zulip: https://quarkusio.zulipchat.com/#narrow/channel/187038-dev/topic/j_security_check.20Programmatic.20Login.3F
Original Issue: melloware/quarkus-faces#409
Issue
If you do
servletRequest.login(user, pass)
no Quakrus Cookie is created when it should be.Workaround
A hack workaround is to manually call
/j_security_check
, get the response, and if it contains theset-cookie
header which is set by Quarkus, I also set that cookie in the original FacesContext Response. But I don't like this approach.Undertow Code
Here is the current Undertow code:
quarkus-http/servlet/src/main/java/io/undertow/servlet/spec/HttpServletRequestImpl.java
Lines 473 to 493 in 3ab7d0a
The text was updated successfully, but these errors were encountered: