Skip to content
Permalink
Browse files

sslEnabled in the config file trumps encryptLogin in the settings.

  • Loading branch information...
perlDreamer committed Mar 10, 2012
1 parent b39a7d5 commit 9a09ec04478220acd15c146809bd7f970f033d52
Showing with 7 additions and 4 deletions.
  1. +1 −0 docs/changelog/7.x.x.txt
  2. +3 −3 lib/WebGUI/Auth.pm
  3. +1 −1 lib/WebGUI/Macro/L_loginBox.pm
  4. +2 −0 t/Macro/L_loginBox.t
@@ -8,6 +8,7 @@
- fixed #12328: invalid wgaccess file in uploads
- RFE: 9730 (actually missing documentation)
- fixed: Crud updateFromFormPost
- fixed: encryptLogin and sslEnabled both need to be true

7.10.24
- fixed #12318: asset error causes asset manager to fail
@@ -589,7 +589,7 @@ sub displayLogin {
my $i18n = WebGUI::International->new($self->session);
$vars->{title} = $i18n->get(66);
my $action;
if ($self->session->setting->get("encryptLogin")) {
if ($self->session->config->get('sslEnabled') && $self->session->setting->get("encryptLogin")) {
my $uri = URI->new($self->session->url->page(undef,1));
$uri->scheme('https');
$uri->host_port($uri->host);
@@ -924,7 +924,7 @@ sub login {
$self->session->http->setRedirect($self->session->setting->get("redirectAfterLoginUrl"));
$self->session->scratch->delete("redirectAfterLogin");
}
elsif ($self->session->setting->get('encryptLogin')) {
elsif ($self->session->config->get('sslEnabled') && $self->session->setting->get('encryptLogin')) {
my $currentUrl = URI->new($self->session->url->page(undef,1));
$currentUrl->scheme('http');
$currentUrl->port($self->session->config->get('webServerPort') || 80);
@@ -1109,7 +1109,7 @@ sub showMessageOnLogin {
|| $session->url->getBackToSiteURL
;

if ($session->setting->get('encryptLogin') && ( ! $redirectUrl =~ /^http/)) {
if ($self->session->config->get('sslEnabled') && $session->setting->get('encryptLogin') && ( ! $redirectUrl =~ /^http/)) {
##A scheme-less URL has been supplied. We need to make it an absolute one
##with a non-encrypted scheme. Otherwise the user will stay in SSL mode.
##We assume that the user put the gateway URL into their URL.
@@ -96,7 +96,7 @@ sub process {
}

my $action;
if ($session->setting->get("encryptLogin")) {
if ($session->config->get('sslEnabled') && $session->setting->get("encryptLogin")) {
my $uri = URI->new($session->url->page(undef,1));
$uri->scheme('https');
$uri->host_port($uri->host);
@@ -150,6 +150,8 @@ is($url2, $session->url->page("op=auth;method=logout"), "templated custom text,

##Change settings to use encrypt login and verify which links use https.
$session->setting->set("encryptLogin", 1);
WebGUI::Test->originalConfig('sslEnabled');
$session->config->set('sslEnabled', 1);

$output = WebGUI::Macro::L_loginBox::process($session,'','',$template->getId);
%vars = simpleTextParser($output);

0 comments on commit 9a09ec0

Please sign in to comment.
You can’t perform that action at this time.