The login script forgets URL parameters. This can break the workflow of a TWiki application.
For Dakar I suggest a workaround: Don't fix
script, but use
instead. Verified, the
retains the URL parameters.
i just checked here, and the login script retains URL parameters as expected. Either somebpody fixed it and forgot to close this topic, or you were actually reporting a bug with the logon
script? The fact that you talk about viewauth suggest you are using ApacheLogin (which uses logion
) rather than TemplateLogin (which uses login
). Is that right?
Please follow the steps described here on develop.twiki.org. When you click on "Log In" you get diverted to the
script, after pressing OK you end up at the originating topic, but without the original URL params.
The steps don't make sense. If I log out, I am then sitting at a
url. If I add parameters to that view URL then refresh the page, then the parameters are in the CGI query. If I hit
in the left bar, that is a URL jump to a new
URL, and it would be unreasonable to expect URL params to be retained; they wouldn't if it was a link to
either. If I try to perform an operation that raises an access control exception, such as an edit, then the parameters to that operation are retained across the login sequence.
Or are you expecting URL parameters to be retained when the user clicks the
Picture someone copying a URL with parameters (of a TWiki application) into an e-mail. The recipient clicks on the link, discovers that she is not yet logged in, clicks on "Log In", and ends up at the URL without parameters. May be this is a border case we can ignore? But then, why not simply point "Log In" to viewauth?
The case you describe above would proceed as follows:
- Recipient clicks on link
- They are denied access due to a security constraint, and are redirected to login - which maintains URL params
- They enter their login details and view the page with URL params in place
- Recipient clicks on link
- Recipient views page, and decides they want to edit
- This is no different to a standard view/edit sequence.
Can you please illustrate a specific case that you know
fails? Otherwise we can speculate about this until the cows come home.....
This is a border case. Scenario:
- Recipient clicks on link and ends up in the home of a TWiki app that has a SEARCH, filtered by URL params
- Topic is does not require to be authenticated, e.g. user is not asked to login
- Topic has text "please login to see subscribed items instead of default ones"
- User clicks on "Log In"
- URL params are gone, e.g. SEARCH filter is cleared
We have bigger problems to solve like Dakar performance and fixing pending bugs. Discarding since it is a border case.