[ISSUE #8107] 403 go to home page when modify user's password #8114
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
KomachiSion
requested changes
Apr 11, 2022
|
主要界面不会让用户退出重新登录,刷新页面问题同样存在 |
|
或者 我改改前端 401 之后就直接跳转到主页面,让用户重新登录即可 |
这个方法或许比较好 |
|
@KomachiSion 搞定 |
onewe
changed the title
KomachiSion
approved these changes
Apr 18, 2022
KomachiSion
added
area/Nacos console
|
遇到了这个问题,很奇怪的是,用默认管理员用户 nacos 修改普通用户密码也会自动登出跳转到登陆页面。 一般情况下,不是用户修改自身密码才会登出重新登陆吗? |
|
@KeithTt 这个问题的本质是 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Problem:
问题:
Users restart nacos server and do not login again then users update password will get an error
authorization failed用户重启了 nacos server 端,并未重新登录. 在做修改用户密码时提示
authorization failedCause:
原因:
The session information was lost by restart.
重启客户端session信息丢失
Fix:
修复:
Use
IdentityContextHolderinstead of sessions, When requests are cross theAuthFilter, theAuthFilterwill set aIdentityContextobject intoIdentityContextHolderand clean it in the end使用
IdentityContextHolder替代从 session 中获取用户信息. 每次请求经过AuthFilter把IdentityContext对象放入到IdentityContextHolder中并在请求结束时清空IdentityContextHolderClose #8107
Please do not create a Pull Request without creating an issue first.
Follow this checklist to help us incorporate your contribution quickly and easily:
[ISSUE #123] Fix UnknownException when host config not exist. Each commit in the pull request should have a meaningful subject line and body.mvn -B clean package apache-rat:check findbugs:findbugs -Dmaven.test.skip=trueto make sure basic checks pass. Runmvn clean install -DskipITsto make sure unit-test pass. Runmvn clean test-compile failsafe:integration-testto make sure integration-test pass.