Defect #3371
Autologin does not work when using openid
| Status: | Closed | Start date: | 2009-05-16 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: | Jean-Philippe Lang | % Done: | 0% | |
| Category: | OpenID | |||
| Target version: | 2.3.0 | |||
| Affected version: | devel | Resolution: | Fixed |
Description
After closing my browser authentification gets lost
http://redmine.bellax.net
ruby 1.8.7 (2008-08-11 patchlevel 72) [x86_64-linux]
rails (2.2.2)
postgres-pr (0.6.1)
PostgreSQL 8.3.7
History
#1 Updated by Andrew Kouznetsov about 4 years ago
autologin does not work when i am logging in by my openid url
#2 Updated by Jean-Philippe Lang about 4 years ago
- Assignee set to Eric Davis
#3 Updated by Jean-Philippe Lang about 4 years ago
- Subject changed from Autologin dows not works to Autologin dows not works when using openid
#4 Updated by Eric Davis over 3 years ago
- Category set to Accounts / authentication
- Resolution set to Cant reproduce
I can't reproduce this on the latest trunk version. Am I testing it correctly?
- Login as admin
- Setup OpenID url
- Logout
- Login as the OpenID url with "Remember Me"
- Enter OpenID authentication at OpenID host
- Logged into Redmine
- Close browser, clearing session cookies
- Start browser
- Visit Redmine
- Am still logged in from the "Remember Me"
#5 Updated by Elias Chistyakov over 3 years ago
--- app/controllers/account_controller.rb
+++ app/controllers/account_controller.rb
@@ -150,7 +150,7 @@ class AccountController < ApplicationController
def open_id_authenticate(openid_url)
- authenticate_with_open_id(openid_url, :required => [:nickname, :fullname, :email], :return_to => signin_url) do |result, identity_url, registration|
+ authenticate_with_open_id(openid_url, :required => [:nickname, :fullname, :email], :return_to => signin_url(:autologin => params[:autologin])) do |result, identity_url, registration|
if result.successful?
user = User.find_or_initialize_by_identity_url(identity_url)
if user.new_record?
#6 Updated by Andrew Kouznetsov about 3 years ago
My session resets each browser restart.
Here: rm.smix.name is clean redmine installation with a couple of projects.
(sorry I don't want search bots to index it)
#7 Updated by Aron Rotteveel over 2 years ago
I actually have the some problem (using myopenid.com). This has never worked for me.
#8 Updated by Peter Baumgartner over 2 years ago
This is present in 1.0.2. edavis10 had this to say in #redmine,
OpenID doesn't work with autologin because of how it comes back to Redmine. Autologin works with normal sessions.
"cant reproduce" resolution should be removed.
#9 Updated by Felix Schäfer over 2 years ago
- Resolution deleted (
Cant reproduce)
#10 Updated by Eric Davis over 2 years ago
- Assignee deleted (
Eric Davis)
#11 Updated by Aron Rotteveel over 2 years ago
This issue still exists for me using 1.1.0.stable.4761
#12 Updated by Etienne Massip almost 2 years ago
- Category changed from Accounts / authentication to OpenID
#13 Updated by Andrew Dahl 6 months ago
Elias Chistyakov wrote:
[...]
I can confirm this bug still exists in 2.1.4.stable and the quoted patch works. I've attached one that applies to 2.1.4.stable, since that is likely easier for you.
I tested this with Firefox 17.0.1 and IE9.
To reproduce, I followed Eric Davis route similarly:
- Login using OpenID url and register user
- Logout
- Login with the OpenID url, selecting "Auto Login"
- Enter OpenID authentication at OpenID host
- Logged into Redmine
- Close browser, clearing session cookies
- Start browser
- Visit Redmine Homepage (not /login)
- Am no longer logged in (of course, with the patch, I am.)
Also, if it's relevant, I have auto logins setup to stay current for 7 days. (Although, I don't think that should matter.)
#14 Updated by Jean-Philippe Lang 4 months ago
- Subject changed from Autologin dows not works when using openid to Autologin does not work when using openid
- Status changed from New to Resolved
- Assignee set to Jean-Philippe Lang
- Target version set to 2.3.0
- Resolution set to Fixed
Fixed in r11521.