Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
sslEnabled in the config file trumps encryptLogin in the settings.
  • Loading branch information
perlDreamer committed Mar 11, 2012
1 parent b39a7d5 commit 9a09ec0
Show file tree
Hide file tree
Showing 4 changed files with 7 additions and 4 deletions.
1 change: 1 addition & 0 deletions docs/changelog/7.x.x.txt
Expand Up @@ -8,6 +8,7 @@
- fixed #12328: invalid wgaccess file in uploads
- RFE: 9730 (actually missing documentation)
- fixed: Crud updateFromFormPost
- fixed: encryptLogin and sslEnabled both need to be true

7.10.24
- fixed #12318: asset error causes asset manager to fail
Expand Down
6 changes: 3 additions & 3 deletions lib/WebGUI/Auth.pm
Expand Up @@ -589,7 +589,7 @@ sub displayLogin {
my $i18n = WebGUI::International->new($self->session);
$vars->{title} = $i18n->get(66);
my $action;
if ($self->session->setting->get("encryptLogin")) {
if ($self->session->config->get('sslEnabled') && $self->session->setting->get("encryptLogin")) {
my $uri = URI->new($self->session->url->page(undef,1));
$uri->scheme('https');
$uri->host_port($uri->host);
Expand Down Expand Up @@ -924,7 +924,7 @@ sub login {
$self->session->http->setRedirect($self->session->setting->get("redirectAfterLoginUrl"));
$self->session->scratch->delete("redirectAfterLogin");
}
elsif ($self->session->setting->get('encryptLogin')) {
elsif ($self->session->config->get('sslEnabled') && $self->session->setting->get('encryptLogin')) {
my $currentUrl = URI->new($self->session->url->page(undef,1));
$currentUrl->scheme('http');
$currentUrl->port($self->session->config->get('webServerPort') || 80);
Expand Down Expand Up @@ -1109,7 +1109,7 @@ sub showMessageOnLogin {
|| $session->url->getBackToSiteURL
;

if ($session->setting->get('encryptLogin') && ( ! $redirectUrl =~ /^http/)) {
if ($self->session->config->get('sslEnabled') && $session->setting->get('encryptLogin') && ( ! $redirectUrl =~ /^http/)) {
##A scheme-less URL has been supplied. We need to make it an absolute one
##with a non-encrypted scheme. Otherwise the user will stay in SSL mode.
##We assume that the user put the gateway URL into their URL.
Expand Down
2 changes: 1 addition & 1 deletion lib/WebGUI/Macro/L_loginBox.pm
Expand Up @@ -96,7 +96,7 @@ sub process {
}

my $action;
if ($session->setting->get("encryptLogin")) {
if ($session->config->get('sslEnabled') && $session->setting->get("encryptLogin")) {
my $uri = URI->new($session->url->page(undef,1));
$uri->scheme('https');
$uri->host_port($uri->host);
Expand Down
2 changes: 2 additions & 0 deletions t/Macro/L_loginBox.t
Expand Up @@ -150,6 +150,8 @@ is($url2, $session->url->page("op=auth;method=logout"), "templated custom text,

##Change settings to use encrypt login and verify which links use https.
$session->setting->set("encryptLogin", 1);
WebGUI::Test->originalConfig('sslEnabled');
$session->config->set('sslEnabled', 1);

$output = WebGUI::Macro::L_loginBox::process($session,'','',$template->getId);
%vars = simpleTextParser($output);
Expand Down

0 comments on commit 9a09ec0

Please sign in to comment.