Evergreen

TPAC: Odd Login to 404 behavior

Bug #1077203 reported by Dan Wells on 2012-11-09

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	Evergreen	Fix Released	Medium	Unassigned	Evergreen 2.6.0-beta1
	2.5	Fix Released	Medium	Unassigned	Evergreen 2.5.3

Bug Description

As it stands, in a default install, if you browse to

http://yourserver.com/eg/opac

you are redirected to a login page, and if you login, you then get to the 404 page. This behavior is caused by the fact that *any*
URLs which do not match a few select cases are assumed to be "secure" resources, when in fact they might not even exist.

This branch catches any attempt to browse this 'base' and simply redirects to the "home" page instead.

http://git.evergreen-ils.org/?p=working/Evergreen.git;a=shortlog;h=refs/heads/user/dbwells/tpac_base_redirect

While addresses the most obvious and likely 404 of this type, we might consider catching some other cases (e.g. eg/opac/record/).
In addition (or as an alternative), we could also create a function call which simply checks the validity of a URL before we ask the
user to login to see it.

I am tagging this as a pullrequest, as I think this small change makes the biggest difference, but I'd also like for this bug to have some conversation about how we want to deal with this behavior at the larger scale.

Thanks,
Dan

Tags:

Revision history for this message

Michael Peters (mrpeters) wrote on 2012-11-14:

Confirmed the behavior. Not able to test the patch at this time, however.

Changed in evergreen:
status:	New → Confirmed

Revision history for this message

Ben Shum (bshum) wrote on 2013-02-13:

Patch works, though I'm not entirely sure yet my feelings about the issue. In our consortium, we've used apache redirects to point people to the right place as long as their hostnames are correct.

I think checking for the validity of the URL prior to asking the user to login sounds reasonable though as a potential bigger fix idea.

Leaving this alone for the time being till we get more input for Dan.

Changed in evergreen:
importance:	Undecided → Wishlist
importance:	Wishlist → Undecided

Ben Shum (bshum) on 2013-03-03

Changed in evergreen:
milestone:	2.4.0-alpha1 → 2.4.0-beta

Ben Shum (bshum) on 2013-03-17

Changed in evergreen:
milestone:	2.4.0-beta → 2.4.0-rc
importance:	Undecided → Medium
assignee:	nobody → Dan Wells (dbw2)

Ben Shum (bshum) on 2013-04-27

Changed in evergreen:
milestone:	2.4.0-rc → none

Ben Shum (bshum) on 2013-08-22

no longer affects:

evergreen/2.2

Dan Wells (dbw2) on 2014-02-06

no longer affects:	evergreen/2.3
Changed in evergreen:
assignee:	Dan Wells (dbw2) → nobody
milestone:	none → 2.6.0-beta1

Revision history for this message

Bill Erickson (berick) wrote on 2014-02-13:

Leaving the bigger question alone for now, I think Dan's commit is sensible. Tested and merged to 2.4+. Thanks, Dan.

Changed in evergreen:
assignee:	nobody → Bill Erickson (erickson-esilibrary)
status:	Confirmed → Fix Committed
assignee:	Bill Erickson (erickson-esilibrary) → nobody

Evergreen Bug Maintenance (bugmaster) on 2014-06-26

Changed in evergreen:
status:	Fix Committed → Fix Released

Evergreen Bug Maintenance (bugmaster) on 2016-08-16

no longer affects:

evergreen/2.4

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.