We’ve got RT 2.0.15 and are using WebExternalAuth with Apache’s “require
valid-user” mechanism for authentication. Everything seems to work
fine except for one small thing:
When a non-privileged user first hits $WebBaseURL (which is also
DocumentRoot at our site) and authenticates themselves to Apache,
/Elements/Footer does not get added to the end of the resulting page.
The missing Footer causes all kinds of problems for some of the browsers
we have deployed here.
If instead the non-privileged user explicitly loads
$WebBaseURL/SelfService/index.html, all is well. The diff of the previous
HTML source and this one verifies that the addition of /Elements/Footer is
the only change.
If I grant said user rights, this discrepancy goes away and it all works
fine.
Looking in /WebRT/html/autohandler, I think these are the relevant lines,
but to be honest I am not fluent in Mason so don’t completely understand
what this does:
if ( (defined $session{‘CurrentUser’}) and
( $session{‘CurrentUser’}->Id) ) {
# If the user isn\'t privileged, they can only see SelfService
if ((! $session{'CurrentUser'}->Privileged) and
($m->base_comp->path !~ '^/+SelfService/') ) {
$m->comp('/SelfService/index.html');
$m->abort();
}
else {
$m->call_next;
}
}
If the answer is not evident, it might help if someone could tell me what
autohandler does and how /Elements/Footer is NORMALLY added to
/SelfService/index.html (it isn’t in there explicitly). If I knew that, I
might be able to track this further.
I’ve spent a couple hours searching the archives and can’t get a handle on
this. I would really appreciate some advice.
We’ve got RT 2.0.15 and are using WebExternalAuth with Apache’s “require
valid-user” mechanism for authentication. Everything seems to work
fine except for one small thing:
When a non-privileged user first hits $WebBaseURL (which is also
DocumentRoot at our site) and authenticates themselves to Apache,
/Elements/Footer does not get added to the end of the resulting page.
The missing Footer causes all kinds of problems for some of the browsers
we have deployed here.
When a non-privileged user first hits $WebBaseURL (which is also
DocumentRoot at our site) and authenticates themselves to Apache,
/Elements/Footer does not get added to the end of the resulting page.
The missing Footer causes all kinds of problems for some of the browsers
we have deployed here.
Looking in /WebRT/html/autohandler, I think these are the relevant lines,
but to be honest I am not fluent in Mason so don’t completely understand
what this does:
if ( (defined $session{‘CurrentUser’}) and
( $session{‘CurrentUser’}->Id) ) {
# If the user isn\'t privileged, they can only see SelfService
if ((! $session{'CurrentUser'}->Privileged) and
($m->base_comp->path !~ '^/+SelfService/') ) {
$m->comp('/SelfService/index.html');
$m->abort();
}
else {
$m->call_next;
}
}
Update:
Commenting out the line “$m->abort()” in autohandler causes
/Elements/Footer to be loaded for non-privileged users. This is good.
However, I don’t know what other unwanted effects this might have. Can
someone explain what this bit of code in authohandler is doing? For now I
have this line commented out but would like to have confirmation that this
is a safe/sane thing to do.