Details
-
Type:
Bug
-
Status: Open
-
Priority:
High
-
Resolution: Unresolved
-
Affects Version/s: None
-
Fix Version/s: None
-
Component/s: Plugins
-
Labels:None
Description
Realm plugins have the ability to deny a login attempt. This works perfectly with the REST API, but doesn't work with UI logins. The reason is that a failed authentication in the realm plugin does not clear any HTTP session that may have been created prior to the execution of the plugin. This leaves a valid session, so the login does actually work even though the plugin rejected it.