I'm experiencing this with XWiki 1.1 milestone 1. I used WebScarab as a
snooping HTTP proxy to observe what goes on. Here's the flow:
Request: GET
http://itwiki.mid7000nt.mlan:80/xwiki/bin/
Response: 302
http://itwiki.mid7000nt.mlan/xwiki/bin/login/XWiki/XWikiLogin;jsessionid=4b…
Request: GET
http://itwiki.mid7000nt.mlan:80/xwiki/bin/login/XWiki/XWikiLogin;jsessionid…
Response: 302
http://itwiki.mid7000nt.mlan/xwiki/bin/login/XWiki/XWikiLogin?xredirect=%2F…
At this point, I'm looking at the login screen. But you can see that I've
been redirected *twice*, not *once*. The protected page I tried to get
reuslted in me being redirected to the login page with the jsession ID in
the path. For whatever reason, XWiki doesn't recognize me as having access
to that page when the jsessionid is attached, so it redirects me again!
That second redirect no longer has a jsessionid appended to it. However,
the referring URL that it encodes as the redirect URL is now the URL of
the first 302. So when I finally log in, it picks up *that* redirect URL,
rather than the original I tried to go to.
So I think the problem has to do with either the generation of the first
login URL, or something in the stack not recognizing that I have access ot
the first redirect URL because of the appended jsessionid.
Regards,
Brian.
"THOMAS, BRIAN M
(ATTSI)"
<bt0008(a)att.com> To
<xwiki-users(a)objectweb.org>
06/21/2007 10:17 cc
AM
Subject
RE: [xwiki-users] Xwiki login issue
Please respond to after upgrading
xwiki-users@objec
tweb.org
Oops. Sorry, I flunked hex-encoded character decoding and didn't notice
that %3B was not a question-mark (and also forgot that the semicolon was
the separator for jsessionid). However, I don't think that this was his
problem because unless XWiki actually does now have an XWiki.XWikiLogin
page that actually does something under the "view" action, the URL is wrong
with or without the session ID.
And I'm too busy to look it up now, but I didn't think that URL-encoding
the parameters kills the separators.
brain[sic]
From: Vincent Massol [mailto:vincent@massol.net]
Sent: Thursday, June 21, 2007 5:41 AM
To: xwiki-users(a)objectweb.org
Subject: Re: [xwiki-users] Xwiki login issue after upgrading
Hi Hans,
On Jun 21, 2007, at 12:08 PM, PRÜLLER Hans Jörg wrote:
Hi,
We upgraded our standalone wiki installation (jetty,hsql) 1.0-rc1 to
1.1-milestone-2 recently.
We backed up all spaces of the old installation and copied/restored
them into the new installation.
Now, if we directly try to access a page in a space restored from
the old installation we get
An error page after the successful login:
E.g. accessing the following url directly via browser:
http://asj5.linzag.at:9021/xwiki/bin/view/DS/Webhome
Brings up the login page, after successful login:
The requested document could not be found.
The Browser URL is:
xwiki/bin/view/XWiki/XWikiLogin%3Bjsessionid%3D3f3igkglkf9b7
So, somehow the login page tries to forward to a wrong URL after
successful login. Entering the requested URL
Manually again in logged in state, the page appears without any
problem.
Any idea what the problem could be?
Several users have raised this. I don't know yet what is causing the issue
but it seems the ";" before jsession id is URL-encoded and it shouldn't.
In any case just delete the part after the page name:
xwiki/bin/view/XWiki/XWikiLogin
That should work fine I think.
In any case we need to create a jira issue about this. Would you mind
doing that and explain how I can reproduce this? (I've tried without
success)
Thanks
-Vincent
--
You receive this message as a subscriber of the xwiki-users(a)objectweb.org
mailing list.
To unsubscribe: mailto:xwiki-users-unsubscribe@objectweb.org
For general help: mailto:sympa@objectweb.org?subject=help
ObjectWeb mailing lists service home page:
http://www.objectweb.org/wws
-----------------------------------------
CONFIDENTIALITY STATEMENT:
This e-mail transmission contains information that is intended to
be confidential. It is intended only for the addressee named
above. If you receive this e-mail in error, please do not read,
copy, or disseminate it. If you are not the intended recipient,
any disclosure, copying, distribution or use of the contents of
this information is prohibited. Please reply to the message
immediately by informing the sender that the message was
misdirected. After replying, please erase it from your computer
system. Your assistance in correcting this error is appreciated.