You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cocoon.apache.org by Gildas Guillemot <gg...@rennes.jouve.fr> on 2004/08/31 09:37:42 UTC

Redirect login page to https and portal loading in http.

Hello,

I'm trying to redirect the login page of my application to https and 
keep the rest of the request in http. I'm using the new portal engine of 
cocoon and i have some problem to get it working when Apache switch from 
https to http.
I'm using the rewrite module of Apache and I have define this rules :

<VirtualHost *:80>
...
RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$
RewriteCond %{REQUEST_URI} /login.*
RewriteRule ^/(.+)$ https://myserver/$1 [R]

#rule 2
RewriteCond %{SERVER_PORT} !^443$
RewriteCond %{REQUEST_URI} /auth\?*
RewriteRule ^/(.+)$ https://myserver/$1 [R]
#end rule 2
RewriteCond %{SERVER_PORT} !^443$
RewriteCond %{REQUEST_URI} notlogged*
RewriteRule ^/(.+)$ https://myserver/$1 [R]
</VirtualHost>


<VirtualHost *:443>
...
RewriteEngine on
RewriteCond %{SERVER_PORT} ^443$
RewriteCond %{REQUEST_URI} !/login.*
#rule 2
RewriteCond %{REQUEST_URI} !/auth\?*
#end rule 2
RewriteCond %{REQUEST_URI} !^/styles/*/.*$
RewriteCond %{REQUEST_URI} !^/scripts/*/.*$
RewriteCond %{REQUEST_URI} !^/favicon.ico$
RewriteRule ^/(.+)$ http://myserver/$1 [R]
</VirtualHost>


This rules seem to be correct but I can't login into the portal.
- if I remove the rule #2, only the login page is in https and when i 
submit the login form, username and password are not send to the portal: 
the portal return me a "You should send username and password" error.

- if I add the rule #2, the login page and the auth pipeling are in 
https and when i submit the login fomr, username and password are send 
to the portal, the authentification is successfully done, but the portal 
is not loaded: it return me a "Exception during loading of profile." 
error with a null pointer exception.


Here are my pipeline for authentification :

<!-- Login -->
<map:match pattern="login">
   <map:act type="auth-loggedIn">
     <map:parameter name="handler" value="portalhandler"/>
     <map:parameter name="application" value="portal"/>
     <map:act type="portal-login">
       <map:parameter name="portal-name" value="portal"/>
     </map:act>
     <map:redirect-to uri="portal"/>
   </map:act>
   <map:generate src="resources/login.xml"/>
   <map:transform src="{global:skin}styles/login-html.xsl"/>
   <map:transform src="{global:skin}styles/portal-page.xsl"/>
   <map:transform type="encodeURL"/>
   <map:serialize/>
</map:match>


<!-- Auth -->
<map:match pattern="auth">
   <map:act type="auth-loggedIn">
     <map:parameter name="handler" value="portalhandler"/>
     <map:redirect-to uri="loggedin"/>
   </map:act>
   <map:act type="auth-login">
     <map:parameter name="handler" value="portalhandler"/>
     <map:parameter name="parameter_name" value="{request-param:name}"/>
     <map:parameter name="parameter_password" 
value="{request-param:password}"/>
	
     <map:act type="session-setattr">
       <map:parameter name="user-id" value="{ID}"/>
       <map:parameter name="user-name" value="{name}"/>
       <!-- Redirect #1 -->
       <map:redirect-to uri="portal"/>
       <!-- Redirect #2 -->
       <map:redirect-to uri="cocoon:/portal"/>
     </map:act>
   </map:act>	
   <map:generate type="serverpages" src="resources/login-error.xsp"/>
   <map:transform type="session"/>
   <map:transform src="{global:skin}styles/portal-page.xsl"/>
   <map:transform type="encodeURL"/>
   <map:serialize/>
</map:match>

<!-- Logout -->
<map:match pattern="logout">
   <map:act type="auth-protect">
     <map:parameter name="handler" value="portalhandler"/>
     <map:parameter name="application" value="portal"/>	
     <map:act type="portal-logout">
       <map:parameter name="portal-name" value="portal"/>
     </map:act>
     <map:act type="auth-logout"/>
   </map:act>
   <map:redirect-to uri="login"/>
</map:match>


In the auth pipeline, if I change the redirect #1 with the redirect #2. 
In other word, if I'm using the "cocoon:/" protocol to call the portal, 
it is loaded correctly. But when I click on tabs, I have a "Redirect 
Loop Error" from FireFox. To get out of this error, I need to click on 
the logout link. And then, if I log in again, the portal is working 
perfectly...

I really appreciate if someone has an explanation why the portal work 
only on the second login and users of my portal were very happy if 
someone could help me to have this working on the first login :-)

Thanks in advance,

-- 
Gildas


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org