rundeck · gschueler · Oct 9, 2023 · Oct 9, 2023
diff --git a/rd-api-client/src/main/java/org/rundeck/client/RundeckClient.java b/rd-api-client/src/main/java/org/rundeck/client/RundeckClient.java
@@ -246,8 +246,7 @@ private static void buildFormAuth(
             cookieManager.setCookiePolicy(CookiePolicy.ACCEPT_ALL);
             builder.cookieJar(new JavaNetCookieJar(cookieManager));
 
-
-            String postUrl = parse
+            String postUrl = HttpUrl.parse(appBaseUrl)
                     .newBuilder()
                     .addPathSegment(
                             System.getProperty(

diff --git a/rd-cli-tool/src/test/groovy/org/rundeck/client/RundeckClientSpec.groovy b/rd-cli-tool/src/test/groovy/org/rundeck/client/RundeckClientSpec.groovy
@@ -16,6 +16,7 @@
 
 package org.rundeck.client
 
+import org.rundeck.client.util.FormAuthInterceptor
 import spock.lang.Specification
 
 /**
@@ -50,6 +51,30 @@ class RundeckClientSpec extends Specification {
         'https' | _
     }
 
+    def "password auth with API vers has correct auth url"() {
+        given:
+        def root = 'https://example.com'
+        when:
+
+        def builder = RundeckClient.builder().
+                baseUrl(root + basePath).
+                passwordAuth('user1', 'pass1')
+
+        then:
+        builder.okhttp.interceptors().size() == 1
+        def formAuth = builder.okhttp.interceptors().get(0)
+        formAuth instanceof FormAuthInterceptor
+        formAuth.baseUrl == (root + expectedBase)
+        formAuth.j_security_url == (root + expectedSecurity)
+
+        where:
+        basePath          | expectedBase | expectedSecurity
+        "/"               | "/"          | "/j_security_check"
+        "/api/19"         | "/"          | "/j_security_check"
+        "/context"        | "/context/"  | "/context/j_security_check"
+        "/context/api/19" | "/context/"  | "/context/j_security_check"
+    }
+
     def "create token valid"() {
         given:
         def token = 'abc'