Project

General

Profile

Actions

Defect #3371

closed

Autologin does not work when using openid

Added by Andrew Kouznetsov over 15 years ago. Updated almost 12 years ago.

Status:
Closed
Priority:
Normal
Category:
OpenID
Target version:
Start date:
2009-05-16
Due date:
% Done:

0%

Estimated time:
Resolution:
Fixed
Affected version:

Description

After closing my browser authentification gets lost
http://redmine.bellax.net

ruby 1.8.7 (2008-08-11 patchlevel 72) [x86_64-linux]
rails (2.2.2)
postgres-pr (0.6.1)
PostgreSQL 8.3.7


Files

Actions #1

Updated by Andrew Kouznetsov over 15 years ago

autologin does not work when i am logging in by my openid url

Actions #2

Updated by Jean-Philippe Lang over 15 years ago

  • Assignee set to Eric Davis
Actions #3

Updated by Jean-Philippe Lang over 15 years ago

  • Subject changed from Autologin dows not works to Autologin dows not works when using openid
Actions #4

Updated by Eric Davis about 15 years ago

  • Category set to Accounts / authentication
  • Resolution set to Cant reproduce

I can't reproduce this on the latest trunk version. Am I testing it correctly?

  1. Login as admin
  2. Setup OpenID url
  3. Logout
  4. Login as the OpenID url with "Remember Me"
  5. Enter OpenID authentication at OpenID host
  6. Logged into Redmine
  7. Close browser, clearing session cookies
  8. Start browser
  9. Visit Redmine
  10. Am still logged in from the "Remember Me"
Actions #5

Updated by Elias Chistyakov almost 15 years ago

--- app/controllers/account_controller.rb
+++ app/controllers/account_controller.rb
@@ -150,7 +150,7 @@ class AccountController < ApplicationController

   def open_id_authenticate(openid_url)
-    authenticate_with_open_id(openid_url, :required => [:nickname, :fullname, :email], :return_to => signin_url) do |result, identity_url, registration|
+    authenticate_with_open_id(openid_url, :required => [:nickname, :fullname, :email], :return_to => signin_url(:autologin => params[:autologin])) do |result, identity_url, registration|
       if result.successful?
         user = User.find_or_initialize_by_identity_url(identity_url)
         if user.new_record?
Actions #6

Updated by Andrew Kouznetsov over 14 years ago

My session resets each browser restart.
Here: rm.smix.name is clean redmine installation with a couple of projects.
(sorry I don't want search bots to index it)

Actions #7

Updated by Aron Rotteveel about 14 years ago

I actually have the some problem (using myopenid.com). This has never worked for me.

Actions #8

Updated by Peter Baumgartner about 14 years ago

This is present in 1.0.2. edavis10 had this to say in #redmine,

OpenID doesn't work with autologin because of how it comes back to Redmine. Autologin works with normal sessions.

"cant reproduce" resolution should be removed.

Actions #9

Updated by Felix Schäfer about 14 years ago

  • Resolution deleted (Cant reproduce)
Actions #10

Updated by Eric Davis about 14 years ago

  • Assignee deleted (Eric Davis)
Actions #11

Updated by Aron Rotteveel almost 14 years ago

This issue still exists for me using 1.1.0.stable.4761

Actions #12

Updated by Etienne Massip over 13 years ago

  • Category changed from Accounts / authentication to OpenID
Actions #13

Updated by Andrew Dahl about 12 years ago

Elias Chistyakov wrote:

[...]

I can confirm this bug still exists in 2.1.4.stable and the quoted patch works. I've attached one that applies to 2.1.4.stable, since that is likely easier for you.

I tested this with Firefox 17.0.1 and IE9.

To reproduce, I followed Eric Davis route similarly:

  1. Login using OpenID url and register user
  2. Logout
  3. Login with the OpenID url, selecting "Auto Login"
  4. Enter OpenID authentication at OpenID host
  5. Logged into Redmine
  6. Close browser, clearing session cookies
  7. Start browser
  8. Visit Redmine Homepage (not /login)
  9. Am no longer logged in (of course, with the patch, I am.)

Also, if it's relevant, I have auto logins setup to stay current for 7 days. (Although, I don't think that should matter.)

Actions #14

Updated by Jean-Philippe Lang almost 12 years ago

  • Subject changed from Autologin dows not works when using openid to Autologin does not work when using openid
  • Status changed from New to Resolved
  • Assignee set to Jean-Philippe Lang
  • Target version set to 2.3.0
  • Resolution set to Fixed

Fixed in r11521.

Actions #15

Updated by Jean-Philippe Lang almost 12 years ago

  • Status changed from Resolved to Closed

Merged.

Actions

Also available in: Atom PDF