From b2fd3aad26de8f784253bd07c9cd5652513cbb9c Mon Sep 17 00:00:00 2001 From: Greg Wilkins Date: Wed, 8 Aug 2012 10:36:42 +1000 Subject: [PATCH] 386714 used deferred auth for form login and error pages --- .../jetty/security/authentication/FormAuthenticator.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java index 17fbdc3f561..7acb1eff2d2 100644 --- a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java +++ b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java @@ -188,8 +188,8 @@ public class FormAuthenticator extends LoginAuthenticator if (!mandatory) return _deferred; - if (isLoginOrErrorPage(URIUtil.addPaths(request.getServletPath(),request.getPathInfo()))) - return Authentication.NOT_CHECKED; + if (isLoginOrErrorPage(URIUtil.addPaths(request.getServletPath(),request.getPathInfo())) &&!DeferredAuthentication.isDeferred(response)) + return _deferred; HttpSession session = request.getSession(true);