-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Stefan,
On 11/14/13, 10:01 AM, Bley, Stefan wrote:
>> Does your extended-FormAuthenticator ever call any of the
>> getParameter* family of methods (that is, before saveRequest is
>> called)? If so, you are triggering the parsing of the input
>> st
> Does your extended-FormAuthenticator ever call any of the
> getParameter* family of methods (that is, before saveRequest is
> called)? If so, you are triggering the parsing of the input stream,
> which evidently is discarded if the FormAuthenticator decides it needs
> to save the request.
If you
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Stefan,
On 11/14/13, 9:27 AM, Bley, Stefan wrote:
>> When you say "request input buffer", which buffer do you mean? I
>> haven't looked at the code in a while, but the FormAuthenticator
>> may parse POST multipart/form-data into individual paramete
Thanks Chris.
> When you say "request input buffer", which buffer do you mean? I
> haven't looked at the code in a while, but the FormAuthenticator may
> parse POST multipart/form-data into individual parameters, thus
> draining the input stream in the process. Perhaps you are looking for
> your "
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Stefan,
On 11/14/13, 3:51 AM, Bley, Stefan wrote:
> Yes we have our own Valve which, through the inheritance structure
> of Picketlink, extends FormAuthenticator. When it comes to
> saveRequest() the is.read() returns -1.
Okay.
>> If in.read() r
Yes we have our own Valve which, through the inheritance structure of
Picketlink, extends FormAuthenticator. When it comes to saveRequest() the
is.read() returns -1.
> If in.read() returns -1 it means that the stream has no more data in it.
Does that mean the stream has already been read? Or res
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Stefen,
On 11/13/13, 7:18 AM, Bley, Stefan wrote:
> We are using Picketlink 2.5.2.Final for Federated Identity
> Management within Tomcat 7.0.42. When the user invokes a request
> without being authenticated the FormAuthenticator will save the
> req
> Was there a body ? What kind of request was it ?
A POST request with form params in it (JSF view state etc.). I can see them in
request.coyoteRequest.parameters and request.coyoteRequest.inputBuffer.buf when
debugging. So the params are in the buffer but the buffer isn't read as
expected.
-
Bley, Stefan wrote:
We are using Picketlink 2.5.2.Final for Federated Identity Management within
Tomcat 7.0.42. When the user invokes a request without being authenticated the
FormAuthenticator will save the request into the session, issue the
authentication request and then restore the origin
