EPrints Technical Mailing List Archive
Message: #00580
< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First
[EP-tech] Re: Screen::Logout bug?
- To: eprints-tech@ecs.soton.ac.uk
- Subject: [EP-tech] Re: Screen::Logout bug?
- From: Tim Brody <tdb2@ecs.soton.ac.uk>
- Date: Fri, 18 May 2012 15:35:45 +0100
On Fri, 2012-05-18 at 09:27 +0100, Jon Hallett wrote: > Thanks for following up, Tim. > > Okay, so we have two instances, called uweresearch > (http://eprints.uwe.ac.uk) and uwedata > (http://researchdata.uwe.ac.uk). Both share the same SSL certificate, > eprints.uwe.ac.uk. > > So what I'm seeing is that the http logout URL is logging off the wrong > instance. So, for example, if the uwedata logout URL is the > http_cgiurl version, http://eprints.uwe.ac.uk/cgi/logout (note, not > http://researchdata.uwe.ac.uk/cgi/logout for some odd reason), the > user is logged out of uweresearch and left in the uweresearch pages. > > If I change Screen::Logout to use https_cgiurl, it works as I expect it > to. The logout URL for uwedata becomes > https://eprints.uwe.ac.uk/datasecure/cgi/logout and the user is logged > out of the correct instance. > > Essentially it looks like the http_cgiroot in the logout script is > either using the wrong host for CGI URLs or doesn't know which > instance it is supposed to be logging out. 10_core.pl for uwedata > looks fine, so I don't think it is anything that simple... I understand. The problem is render_action_link() is assuming (wrongly) that it is always relative to the http: path. This should fix the issue: http://trac.eprints.org/eprints/changeset/7743 (As-in relative-to-current URL, not fixed to http: or https:) /Tim. > -----Original Message----- > > Message: 1 > Date: Wed, 16 May 2012 12:17:20 +0100 > From: Tim Brody <tdb2@ecs.soton.ac.uk> > Subject: [EP-tech] Re: Screen::Logout bug? > To: eprints-tech@ecs.soton.ac.uk > Message-ID: <1337167040.2333.16.camel@chassis.ecs.soton.ac.uk> > Content-Type: text/plain; charset="utf-8" > > On Wed, 2012-05-16 at 09:21 +0100, Jon Hallett wrote: > > I think there is a problem in perl_lib/EPrints/Plugin/Screen/Logout.pm > > for sites with multiple secure archives. The upshot is that > > > > > [snip] > > > > The background is that we have two secure instances, > > http://eprints.uwe.ac.uk and http://researchdata.uwe.ac.uk. Unless the > > change is made to render_action_link the logout link is > > researchdata.uwe.ac.uk appears as http://eprints.uwe.ac.uk/cgi/logout, > > which doesn?t work. > > Hi Jon, > > I'm not sure I understand the problem. The link should go to http: for > the current repository, which will delete the login session for the user > in the current repository? > > Where does https come into it? > > -- > All the best, > Tim > > > > *** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech > *** Archive: http://www.eprints.org/tech.php/ > *** EPrints community wiki: http://wiki.eprints.org/
Attachment:
signature.asc
Description: This is a digitally signed message part
- References:
- [EP-tech] Re: Screen::Logout bug?
- From: Jon Hallett <Jon.Hallett@uwe.ac.uk>
- [EP-tech] Re: Screen::Logout bug?
- Prev by Date: [EP-tech] Re: Cann't upload file
- Next by Date: [EP-tech] Re: Cann't upload file
- Previous by thread: [EP-tech] Re: Screen::Logout bug?
- Next by thread: [EP-tech] Re: Screen::Logout bug?
- Index(es):