[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[EP-tech] Re: Screen::Logout bug?
- Subject: [EP-tech] Re: Screen::Logout bug?
- From: Jon.Hallett at uwe.ac.uk (Jon Hallett)
- Date: Tue, 22 May 2012 10:48:30 +0100
- In-reply-to: <EMEW3|418d97aea7dfd6a15ddad57d2e517263o4HGmy14eprintsfirstname.lastname@example.org>
- References: <email@example.com> <EMEW3|418d97aea7dfd6a15ddad57d2e517263o4HGmy14eprintsfirstname.lastname@example.org>
Great, thanks Tim. The fix from http://trac.eprints.org/eprints/changeset/7743 does the job.
Date: Fri, 18 May 2012 15:35:45 +0100
From: Tim Brody <tdb2 at ecs.soton.ac.uk>
Subject: [EP-tech] Re: Screen::Logout bug?
To: eprints-tech at ecs.soton.ac.uk
Message-ID: <1337351745.2325.52.camel at chassis.ecs.soton.ac.uk>
Content-Type: text/plain; charset="utf-8"
On Fri, 2012-05-18 at 09:27 +0100, Jon Hallett wrote:
> Thanks for following up, Tim.
> Okay, so we have two instances, called uweresearch
> (http://eprints.uwe.ac.uk) and uwedata
> (http://researchdata.uwe.ac.uk). Both share the same SSL certificate,
> So what I'm seeing is that the http logout URL is logging off the wrong
> instance. So, for example, if the uwedata logout URL is the
> http_cgiurl version, http://eprints.uwe.ac.uk/cgi/logout (note, not
> http://researchdata.uwe.ac.uk/cgi/logout for some odd reason), the
> user is logged out of uweresearch and left in the uweresearch pages.
> If I change Screen::Logout to use https_cgiurl, it works as I expect it
> to. The logout URL for uwedata becomes
> https://eprints.uwe.ac.uk/datasecure/cgi/logout and the user is logged
> out of the correct instance.
> Essentially it looks like the http_cgiroot in the logout script is
> either using the wrong host for CGI URLs or doesn't know which
> instance it is supposed to be logging out. 10_core.pl for uwedata
> looks fine, so I don't think it is anything that simple...
I understand. The problem is render_action_link() is assuming (wrongly)
that it is always relative to the http: path.
This should fix the issue:
(As-in relative-to-current URL, not fixed to http: or https:)
> -----Original Message-----
> Message: 1
> Date: Wed, 16 May 2012 12:17:20 +0100
> From: Tim Brody <tdb2 at ecs.soton.ac.uk>
> Subject: [EP-tech] Re: Screen::Logout bug?
> To: eprints-tech at ecs.soton.ac.uk
> Message-ID: <1337167040.2333.16.camel at chassis.ecs.soton.ac.uk>
> Content-Type: text/plain; charset="utf-8"
> On Wed, 2012-05-16 at 09:21 +0100, Jon Hallett wrote:
> > I think there is a problem in perl_lib/EPrints/Plugin/Screen/Logout.pm
> > for sites with multiple secure archives. The upshot is that
> > The background is that we have two secure instances,
> > http://eprints.uwe.ac.uk and http://researchdata.uwe.ac.uk. Unless the
> > change is made to render_action_link the logout link is
> > researchdata.uwe.ac.uk appears as http://eprints.uwe.ac.uk/cgi/logout,
> > which doesn?t work.
> Hi Jon,
> I'm not sure I understand the problem. The link should go to http: for
> the current repository, which will delete the login session for the user
> in the current repository?
> Where does https come into it?
> All the best,