[Geoserver-devel] [JIRA] (GEOS-10761) Failed login with encrypt URL parameters setting results in 404

Jody Garnett created an issue

GeoServer / BugGEOS-10761

Failed login with encrypt URL parameters setting results in 404

Issue Type:

BugBug

Affects Versions:

2.21.2, 2.22.0

Assignee:

Unassigned

Components:

Wicket UI

Created:

29/Nov/22 4:48 PM

Environment:

Java 11, Tomcat 8.5

Priority:

MediumMedium

Reporter:

Jody Garnett

Failed login page inaccessible when encrypt URL parameters enabled:

  1. Login as admin
  2. Change Security Settings Encrypt web admin URL parameters (as described here)
  3. Logout, the home page has a random {{wicket-crypt= }}parameter to keep the sequence from being guessable
  4. Fail to login, and be redirected to 404 page:
    http://localhost:8080/geoserver/web/wicket/bookmarkable/org.geoserver.web.GeoServerLoginPage?error=true

See attached screen snap for comparison.

Add Comment

Add Comment

Get Jira notifications on your phone! Download the Jira Cloud app for Android or iOS


This message was sent by Atlassian Jira (v1001.0.0-SNAPSHOT#100210-sha1:4037f92)

Atlassian logo