You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@allura.apache.org by jo...@apache.org on 2014/03/18 22:35:56 UTC
[2/2] git commit: [#6701] Improve reliability of auth check
[#6701] Improve reliability of auth check
Signed-off-by: Cory Johns <cj...@slashdotmedia.com>
Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/35efb70b
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/35efb70b
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/35efb70b
Branch: refs/heads/cj/6701
Commit: 35efb70b0065d4611340172a12c063edebfaa5e3
Parents: fa1b4ad
Author: Cory Johns <cj...@slashdotmedia.com>
Authored: Tue Mar 18 21:35:43 2014 +0000
Committer: Cory Johns <cj...@slashdotmedia.com>
Committed: Tue Mar 18 21:35:43 2014 +0000
----------------------------------------------------------------------
scripts/ApacheAccessHandler.py | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/35efb70b/scripts/ApacheAccessHandler.py
----------------------------------------------------------------------
diff --git a/scripts/ApacheAccessHandler.py b/scripts/ApacheAccessHandler.py
index 19c5207..585c6b2 100644
--- a/scripts/ApacheAccessHandler.py
+++ b/scripts/ApacheAccessHandler.py
@@ -81,8 +81,9 @@ def check_authentication(req):
auth_url = req.get_options().get('ALLURA_AUTH_URL', 'https://127.0.0.1/auth/do_login')
r = requests.post(auth_url, allow_redirects=False, params={
'username': req.user,
- 'password': req.get_basic_auth_pw()})
- return r.status_code == 302
+ 'password': req.get_basic_auth_pw(),
+ 'return_to': '/login_successful'})
+ return r.status_code == 302 and r.headers['location'].endswith('/login_successful')
def check_permissions(req):