Bug #33311

AuthenticationProviderManager::isAuthenticated does not work in authentication request

Added by Kira Backes almost 10 years ago. Updated almost 10 years ago.

Status:
Resolved
Priority:
Must have
Category:
Security
Target version:
-
Start date:
2012-01-19
Due date:
% Done:

100%

Estimated time:
PHP Version:
Has patch:
No
Complexity:

Description

If the client does not have a session and the client authenticates, then a new session is created. The method isAuthenticated checks if the current session canBeResumed(), but that method again checks for the session in $_COOKIE. Since the session was just created, the isAuthenticated method never works in the authentication request. It only starts working in all subsequent requests, since the new session is then available in $_COOKIE.


Related issues

Is duplicate of TYPO3.Flow - Bug #31905: getInterceptedRequest is NULL but ACL matches correctly DENYResolved2011-11-18

Actions

Also available in: Atom PDF