• Do not register here on develop.twiki.org, login with your twiki.org account.
• Use View topic Item7848 for generic doc work for TWiki-6.1.1. Use View topic Item7851 for doc work on extensions that are not part of a release. More... Close
• Anything you create or change in standard webs (Main, TWiki, Sandbox etc) will be automatically reverted on every SVN update.
Does this site look broken?. Use the LitterTray web for test cases.

The login script forgets URL parameters. This can break the workflow of a TWiki application.

Test case:

For Dakar I suggest a workaround: Don't fix login script, but use viewauth instead. Verified, the viewauth retains the URL parameters.

-- PTh

i just checked here, and the login script retains URL parameters as expected. Either somebpody fixed it and forgot to close this topic, or you were actually reporting a bug with the logon script? The fact that you talk about viewauth suggest you are using ApacheLogin (which uses logion) rather than TemplateLogin (which uses login). Is that right?

CC

Please follow the steps described here on develop.twiki.org. When you click on "Log In" you get diverted to the login script, after pressing OK you end up at the originating topic, but without the original URL params.

-- PTh

The steps don't make sense. If I log out, I am then sitting at a view url. If I add parameters to that view URL then refresh the page, then the parameters are in the CGI query. If I hit login in the left bar, that is a URL jump to a new URL, and it would be unreasonable to expect URL params to be retained; they wouldn't if it was a link to viewauth either. If I try to perform an operation that raises an access control exception, such as an edit, then the parameters to that operation are retained across the login sequence.

Or are you expecting URL parameters to be retained when the user clicks the login link?

CC

Picture someone copying a URL with parameters (of a TWiki application) into an e-mail. The recipient clicks on the link, discovers that she is not yet logged in, clicks on "Log In", and ends up at the URL without parameters. May be this is a border case we can ignore? But then, why not simply point "Log In" to viewauth?

-- PTh

The case you describe above would proceed as follows:

  1. Recipient clicks on link
  2. They are denied access due to a security constraint, and are redirected to login - which maintains URL params
  3. They enter their login details and view the page with URL params in place
or
  1. Recipient clicks on link
  2. Recipient views page, and decides they want to edit
  3. This is no different to a standard view/edit sequence.
Can you please illustrate a specific case that you know fails? Otherwise we can speculate about this until the cows come home.....

CC

This is a border case. Scenario:

  1. Recipient clicks on link and ends up in the home of a TWiki app that has a SEARCH, filtered by URL params
  2. Topic is does not require to be authenticated, e.g. user is not asked to login
  3. Topic has text "please login to see subscribed items instead of default ones"
  4. User clicks on "Log In"
  5. URL params are gone, e.g. SEARCH filter is cleared

We have bigger problems to solve like Dakar performance and fixing pending bugs. Discarding since it is a border case.

-- PTh

ItemTemplate
Summary Login loses URL parameters
ReportedBy PeterThoeny
AppliesTo Engine
Priority Normal
CurrentState No Action Required
WaitingFor

Edit | Attach | Watch | Print version | History: r8 < r7 < r6 < r5 < r4 | Backlinks | Raw View |  Raw edit | More topic actions
Topic revision: r8 - 2005-10-30 - PeterThoeny
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2020 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback