Evergreen

Selfcheck needs to be run with https

Bug #1047485 reported by Ben Shum
18
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Evergreen
Fix Released
Low
Unassigned
Evergreen 2.6.0-alpha1
2.5
Fix Released
Low
Unassigned
Evergreen 2.5.3

Bug Description

Evergreen master

We had reports of problems using selfcheck in the field: hostname/eg/circ/selfcheck/main

It seems the problem is that if the browser uses http, it doesn't allow the browser to stay logged in and authenticated leading to a continuous problem using the selfcheck each time it tried to lookup a new user's barcode, it would ask for re-authentication.

Changing it to HTTPS worked fine in Chrome, but for some reason Firefox kept trying to go back to HTTP.

senator suggests in IRC that we may want to force the default apache config to use HTTPS for all selfcheck related traffic.

Revision history for this message
Ben Shum (bshum) wrote :

To note, Firefox is fine. Just had bad cached results screwing up http/https on my test machine.

Ben Shum (bshum)
tags: added: bitesize
Changed in evergreen:
status: New → Triaged
importance: Undecided → Low
Revision history for this message
Michael Peters (mrpeters) wrote :

Fixed.

To <email address hidden>:working/Evergreen.git
 * [new branch] lp1047485_selfcheck_https -> user/mrpeters-isl/lp1047485_selfcheck_https

tags: added: pullrequest
Michael Peters (mrpeters)
Changed in evergreen:
status: Triaged → Confirmed
Revision history for this message
Pasi Kallinen (paxed) wrote :

mrpeters' fix doesn't apply cleanly to master anymore, but the change itself is pretty trivial. (Although I would've probably put the rewrites inside LocationMatch)

Revision history for this message
Dan Wells (dbw2) wrote :

Targeting to 2.5.2, since this probably won't get much attention otherwise.

Changed in evergreen:
milestone: none → 2.5.2
Revision history for this message
Elliot Voris (elliotfriend) wrote :

I published this to the working repository, because managing GitHub alongside that is making things much more cumbersome:

http://git.evergreen-ils.org/?p=working/Evergreen.git;a=shortlog;h=refs/heads/user/ElliotFriend/lp1047485_selfcheck_https

working/user/ElliotFriend/lp1047485_selfcheck_https

Revision history for this message
Elliot Voris (elliotfriend) wrote :

I was able to go through a test installation using Fedora 19, and Apache 2.4 using this branch. The committed fix does re-direct the selfcheck page to HTTPS, as I thought it would.

Dan Wells (dbw2)
Changed in evergreen:
milestone: 2.5.2 → 2.6.0-alpha1
Dan Scott (denials)
Changed in evergreen:
assignee: nobody → Dan Scott (denials)
Revision history for this message
Dan Scott (denials) wrote :

Tested successfully again on Fedora 20 / Apache 2.4 with Elliot's branch. I rewrote the commit message to credit Michael Peters for the initial work and to make the commit message conform to the normal summary / description standards. Many thanks Elliot! Applied to master and 2.5.

Changed in evergreen:
status: Confirmed → Fix Committed
Revision history for this message
Elliot Voris (elliotfriend) wrote :

Thanks, Dan! I'm happy to help, however I can. I'll keep in mind the changes you made to that commit message next time.

Dan Wells (dbw2)
Changed in evergreen:
assignee: Dan Scott (denials) → nobody
Evergreen Bug Maintenance (bugmaster)
Changed in evergreen:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.