New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
"Force HTTPS" fails when combined with basic-authentication #11735
Comments
Reference about joomla and HTTP Auth: #10128 |
I can complicate this matter a bit. The summation of all of this is that it, in my case anyway, it does not relate to the basic Auth in apache. This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/11735. |
Try changing global to configurações in site 1 to no https save and back to https. You will probably be locked in no https too because of the http auth |
In my case, the site with the Force SSL error does not have the Basic Auth setting. That is what I tried to express in my comment, as it is different yet related to the submitted issue. I should also mention that both sites work perfectly in SSL. When I submit the Force SSL setting in Global Configuration, I am using SSL. This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/11735. |
Thats how it works. The option label is "force" NOT enable/disable |
@andrepereiradasilva I don't see how your comment is relevant to the discussion. |
In your first site you have only http auth for admin dir. So it will Work. |
Nope, it is enabled on for entire site |
|
As yes, sorry I misread your comment. |
Your second site don't have a clue. This issue is about the failing when all the site is protected with http basic auth. That is a confirmed issue. |
Like I said at the beginning - I am having the same issue, but I am not using Basic Auth (second site). So the issue needs to be widened as it is not only related to Basic Auth. |
I am free to comment and this is not the fórum for help. It you have other issue provide information on how to reproduce it in a new issue. Thanks |
@pdoolz @andrepereiradasilva The following codelines should be inserted at administrator/components/com_config/model/application.php line 142ff (before throwing an error on status code 401)
This is not (yet) a general solution: these php server variables are not always set like this in all distributions and scenarios (see e.g. http://stackoverflow.com/questions/3663520/php-auth-user-not-set). With respect to the issue part (ii) ($force_ssl is downgraded automatically) this might require a short discussion. |
@andrepereiradasilva |
So we can close here as the PR fiXes the prolem? |
yes |
Closed |
Steps to reproduce the issue
"Warning: HTTPS has not been enabled as it is not available on this server."
"Configuration successfully saved."
System information (as much as possible)
Joomla 3.6.2
PHP 5.6.9
Apache 2, AUTH_TYPE Basic
Additional comments
Issue follows up on https://issues.joomla.org/tracker/joomla-cms/9584#event-194294
Hints to fix it
Instantiating the test connection
administrator/components/com_config/model/application.php line 121 ff
might be extended to test the http_auth details of the existing session's connection - this could be a second test if the first one fails but before forcing NoneThe text was updated successfully, but these errors were encountered: