Details
-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
14.0.1.Final
-
None
Description
I have this configuration:
@FormAuthenticationMechanismDefinition( loginToContinue = @LoginToContinue( loginPage = "/WEB-INF/account/login.xhtml", errorPage = "/WEB-INF/account/login.xhtml?error=true")) @ApplicationScoped public class SecurityConfiguration {}
When I open browser and go to restricted page, I am forwarded to login page. Then I input invalid username and password and submit form (action="j_security_check"). My browser sends me redirect to http://localhost:8080/WEB-INF/account/login.xhtml?error=true. I believe it should forward request to /WEB-INF/account/login.xhtml?error=true because standard FORM login-config in web.xml worked this way.