SelfService/index.html and /Elements/Footer

I could use some help to figure something out.

We’ve got RT 2.0.15 and are using WebExternalAuth with Apache’s “require
valid-user” mechanism for authentication. Everything seems to work
fine except for one small thing:

When a non-privileged user first hits $WebBaseURL (which is also
DocumentRoot at our site) and authenticates themselves to Apache,
/Elements/Footer does not get added to the end of the resulting page.
The missing Footer causes all kinds of problems for some of the browsers
we have deployed here.

If instead the non-privileged user explicitly loads
$WebBaseURL/SelfService/index.html, all is well. The diff of the previous
HTML source and this one verifies that the addition of /Elements/Footer is
the only change.

If I grant said user rights, this discrepancy goes away and it all works
fine.

Looking in /WebRT/html/autohandler, I think these are the relevant lines,
but to be honest I am not fluent in Mason so don’t completely understand
what this does:

if ( (defined $session{‘CurrentUser’}) and
( $session{‘CurrentUser’}->Id) ) {

# If the user isn\'t privileged, they can only see SelfService
if ((! $session{'CurrentUser'}->Privileged) and
    ($m->base_comp->path !~ '^/+SelfService/') ) {
    $m->comp('/SelfService/index.html');
    $m->abort();
}
else {
    $m->call_next;
}

}

If the answer is not evident, it might help if someone could tell me what
autohandler does and how /Elements/Footer is NORMALLY added to
/SelfService/index.html (it isn’t in there explicitly). If I knew that, I
might be able to track this further.

I’ve spent a couple hours searching the archives and can’t get a handle on
this. I would really appreciate some advice.

Sincerely,

Jarrod Smith

I could use some help to figure something out.

We’ve got RT 2.0.15 and are using WebExternalAuth with Apache’s “require
valid-user” mechanism for authentication. Everything seems to work
fine except for one small thing:

When a non-privileged user first hits $WebBaseURL (which is also
DocumentRoot at our site) and authenticates themselves to Apache,
/Elements/Footer does not get added to the end of the resulting page.
The missing Footer causes all kinds of problems for some of the browsers
we have deployed here.

what’s your apache config look like?

seph

what’s your apache config look like?

I’m on RedHat 7.2, running Apache 1.3.22

Here are the relevant lines from httpd.conf:

ServerName support.structbio.vanderbilt.edu

DocumentRoot: The directory out of which you will serve your

documents. By default, all requests are taken from this directory, but

symbolic links and aliases may be used to point to other locations.

DocumentRoot “/usr/local/rt2/WebRT/html”

RT stuff here

PerlRequire /usr/local/rt2/bin/webmux.pl

AllowOverride AuthConfig Limit
SetHandler perl-script
PerlHandler RT::Mason

And .htaccess in /usr/local/rt2/WebRT/html:

AuthUserFile /etc/httpd/htpasswd
AuthType Basic
AuthName "Structural Biology Computing Support"
require valid-user

When a non-privileged user first hits $WebBaseURL (which is also
DocumentRoot at our site) and authenticates themselves to Apache,
/Elements/Footer does not get added to the end of the resulting page.
The missing Footer causes all kinds of problems for some of the browsers
we have deployed here.

Looking in /WebRT/html/autohandler, I think these are the relevant lines,
but to be honest I am not fluent in Mason so don’t completely understand
what this does:

if ( (defined $session{‘CurrentUser’}) and
( $session{‘CurrentUser’}->Id) ) {

# If the user isn\'t privileged, they can only see SelfService
if ((! $session{'CurrentUser'}->Privileged) and
    ($m->base_comp->path !~ '^/+SelfService/') ) {
    $m->comp('/SelfService/index.html');
    $m->abort();
}
else {
    $m->call_next;
}

}

Update:

Commenting out the line “$m->abort()” in autohandler causes
/Elements/Footer to be loaded for non-privileged users. This is good.
However, I don’t know what other unwanted effects this might have. Can
someone explain what this bit of code in authohandler is doing? For now I
have this line commented out but would like to have confirmation that this
is a safe/sane thing to do.

Thanks

Jarrod Smith