oqapi/webgui
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sslEnabled in the config file trumps encryptLogin in the settings.

Browse source
This commit is contained in:
Colin Kuskie 2012-03-10 15:57:48 -08:00
parent b39a7d5f0f
commit 9a09ec0447
4 changed files with 7 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

1
docs/changelog/7.x.x.txt
View file

@ -8,6 +8,7 @@
- fixed #12328: invalid wgaccess file in uploads - fixed #12328: invalid wgaccess file in uploads
- RFE: 9730 (actually missing documentation) - RFE: 9730 (actually missing documentation)
- fixed: Crud updateFromFormPost - fixed: Crud updateFromFormPost
- fixed: encryptLogin and sslEnabled both need to be true
7.10.24 7.10.24
- fixed #12318: asset error causes asset manager to fail - fixed #12318: asset error causes asset manager to fail

6
lib/WebGUI/Auth.pm
View file

@ -589,7 +589,7 @@ sub displayLogin {
my $i18n = WebGUI::International->new($self->session); my $i18n = WebGUI::International->new($self->session);
$vars->{title} = $i18n->get(66); $vars->{title} = $i18n->get(66);
my $action; my $action;
if ($self->session->setting->get("encryptLogin")) { if ($self->session->config->get('sslEnabled') && $self->session->setting->get("encryptLogin")) {
my $uri = URI->new($self->session->url->page(undef,1)); my $uri = URI->new($self->session->url->page(undef,1));
$uri->scheme('https'); $uri->scheme('https');
$uri->host_port($uri->host); $uri->host_port($uri->host);
@ -924,7 +924,7 @@ sub login {
$self->session->http->setRedirect($self->session->setting->get("redirectAfterLoginUrl")); $self->session->http->setRedirect($self->session->setting->get("redirectAfterLoginUrl"));
$self->session->scratch->delete("redirectAfterLogin"); $self->session->scratch->delete("redirectAfterLogin");
} }
elsif ($self->session->setting->get('encryptLogin')) { elsif ($self->session->config->get('sslEnabled') && $self->session->setting->get('encryptLogin')) {
my $currentUrl = URI->new($self->session->url->page(undef,1)); my $currentUrl = URI->new($self->session->url->page(undef,1));
$currentUrl->scheme('http'); $currentUrl->scheme('http');
$currentUrl->port($self->session->config->get('webServerPort') || 80); $currentUrl->port($self->session->config->get('webServerPort') || 80);
@ -1109,7 +1109,7 @@ sub showMessageOnLogin {
|| $session->url->getBackToSiteURL || $session->url->getBackToSiteURL
; ;
if ($session->setting->get('encryptLogin') && ( ! $redirectUrl =~ /^http/)) { if ($self->session->config->get('sslEnabled') && $session->setting->get('encryptLogin') && ( ! $redirectUrl =~ /^http/)) {
##A scheme-less URL has been supplied. We need to make it an absolute one ##A scheme-less URL has been supplied. We need to make it an absolute one
##with a non-encrypted scheme. Otherwise the user will stay in SSL mode. ##with a non-encrypted scheme. Otherwise the user will stay in SSL mode.
##We assume that the user put the gateway URL into their URL. ##We assume that the user put the gateway URL into their URL.

2
lib/WebGUI/Macro/L_loginBox.pm
View file

@ -96,7 +96,7 @@ sub process {
} }
my $action; my $action;
if ($session->setting->get("encryptLogin")) { if ($session->config->get('sslEnabled') && $session->setting->get("encryptLogin")) {
my $uri = URI->new($session->url->page(undef,1)); my $uri = URI->new($session->url->page(undef,1));
$uri->scheme('https'); $uri->scheme('https');
$uri->host_port($uri->host); $uri->host_port($uri->host);

2
t/Macro/L_loginBox.t
View file

@ -150,6 +150,8 @@ is($url2, $session->url->page("op=auth;method=logout"), "templated custom text,
##Change settings to use encrypt login and verify which links use https. ##Change settings to use encrypt login and verify which links use https.
$session->setting->set("encryptLogin", 1); $session->setting->set("encryptLogin", 1);
WebGUI::Test->originalConfig('sslEnabled');
$session->config->set('sslEnabled', 1);
$output = WebGUI::Macro::L_loginBox::process($session,'','',$template->getId); $output = WebGUI::Macro::L_loginBox::process($session,'','',$template->getId);
%vars = simpleTextParser($output); %vars = simpleTextParser($output);