Bug #33311
AuthenticationProviderManager::isAuthenticated does not work in authentication request
| Status: | Resolved | Start date: | 2012-01-19 | |
|---|---|---|---|---|
| Priority: | Must have | Due date: | ||
| Assigned To: | Christian Müller | % Done: | 100% |
|
| Category: | Security | |||
| Target version: | - | |||
| PHP Version: | Complexity: | |||
| Has patch: | No | Affected Flow version: | Git master |
Description
If the client does not have a session and the client authenticates, then a new session is created. The method isAuthenticated checks if the current session canBeResumed(), but that method again checks for the session in $_COOKIE. Since the session was just created, the isAuthenticated method never works in the authentication request. It only starts working in all subsequent requests, since the new session is then available in $_COOKIE.
Related issues
Associated revisions
[BUGFIX] isAuthenticated should work in authentication request
AuthenticationManager::isAuthenticated now checks for resumable
and new sessions before returning FALSE, so it works also in the
request that triggers the authentication.
Change-Id: I97fa566a84123284aa7fa0099a9ad024196ed7b4
Fixes: #33311
Releases: 1.0, 1.1
[BUGFIX] isAuthenticated should work in authentication request
AuthenticationManager::isAuthenticated now checks for resumable
and new sessions before returning FALSE, so it works also in the
request that triggers the authentication.
Change-Id: I2aa3c54cae2ad45a285e8365f5e2052112a887ea
Fixes: #33311
Releases: 1.0, 1.1
History
#1 Updated by Gerrit Code Review over 3 years ago
- Status changed from New to Under Review
Patch set 1 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/9260
#2 Updated by Gerrit Code Review over 3 years ago
Patch set 1 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/9261
#3 Updated by Gerrit Code Review over 3 years ago
Patch set 1 for branch FLOW3-1.0 has been pushed to the review server.
It is available at http://review.typo3.org/9262
#4 Updated by Christian Müller over 3 years ago
- Assigned To set to Christian Müller
#5 Updated by Gerrit Code Review over 3 years ago
Patch set 2 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/9260
#6 Updated by Gerrit Code Review over 3 years ago
Patch set 1 for branch FLOW3-1.0 has been pushed to the review server.
It is available at http://review.typo3.org/9302
#7 Updated by Christian Müller over 3 years ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset 27f00f62768c2b322e87d815e5bef9f5bd2bb2ea.