Defect #3371
Autologin does not work when using openid
Status: | Closed | Start date: | 2009-05-16 | |
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | % Done: | 0% | ||
Category: | OpenID | |||
Target version: | 2.3.0 | |||
Resolution: | Fixed | Affected version: |
Description
After closing my browser authentification gets lost
http://redmine.bellax.net
ruby 1.8.7 (2008-08-11 patchlevel 72) [x86_64-linux]
rails (2.2.2)
postgres-pr (0.6.1)
PostgreSQL 8.3.7
History
#1
Updated by Andrew Kouznetsov almost 12 years ago
autologin does not work when i am logging in by my openid url
#2
Updated by Jean-Philippe Lang almost 12 years ago
- Assignee set to Eric Davis
#3
Updated by Jean-Philippe Lang over 11 years ago
- Subject changed from Autologin dows not works to Autologin dows not works when using openid
#4
Updated by Eric Davis over 11 years ago
- Category set to Accounts / authentication
- Resolution set to Cant reproduce
I can't reproduce this on the latest trunk version. Am I testing it correctly?
- Login as admin
- Setup OpenID url
- Logout
- Login as the OpenID url with "Remember Me"
- Enter OpenID authentication at OpenID host
- Logged into Redmine
- Close browser, clearing session cookies
- Start browser
- Visit Redmine
- Am still logged in from the "Remember Me"
#5
Updated by Elias Chistyakov about 11 years ago
--- app/controllers/account_controller.rb +++ app/controllers/account_controller.rb @@ -150,7 +150,7 @@ class AccountController < ApplicationController def open_id_authenticate(openid_url) - authenticate_with_open_id(openid_url, :required => [:nickname, :fullname, :email], :return_to => signin_url) do |result, identity_url, registration| + authenticate_with_open_id(openid_url, :required => [:nickname, :fullname, :email], :return_to => signin_url(:autologin => params[:autologin])) do |result, identity_url, registration| if result.successful? user = User.find_or_initialize_by_identity_url(identity_url) if user.new_record?
#6
Updated by Andrew Kouznetsov almost 11 years ago
My session resets each browser restart.
Here: rm.smix.name is clean redmine installation with a couple of projects.
(sorry I don't want search bots to index it)
#7
Updated by Aron Rotteveel over 10 years ago
I actually have the some problem (using myopenid.com). This has never worked for me.
#8
Updated by Peter Baumgartner over 10 years ago
This is present in 1.0.2. edavis10 had this to say in #redmine,
OpenID doesn't work with autologin because of how it comes back to Redmine. Autologin works with normal sessions.
"cant reproduce" resolution should be removed.
#9
Updated by Felix Schäfer over 10 years ago
- Resolution deleted (
Cant reproduce)
#10
Updated by Eric Davis over 10 years ago
- Assignee deleted (
Eric Davis)
#11
Updated by Aron Rotteveel about 10 years ago
This issue still exists for me using 1.1.0.stable.4761
#12
Updated by Etienne Massip over 9 years ago
- Category changed from Accounts / authentication to OpenID
#13
Updated by Andrew Dahl about 8 years ago
Elias Chistyakov wrote:
[...]
I can confirm this bug still exists in 2.1.4.stable and the quoted patch works. I've attached one that applies to 2.1.4.stable, since that is likely easier for you.
I tested this with Firefox 17.0.1 and IE9.
To reproduce, I followed Eric Davis route similarly:
- Login using OpenID url and register user
- Logout
- Login with the OpenID url, selecting "Auto Login"
- Enter OpenID authentication at OpenID host
- Logged into Redmine
- Close browser, clearing session cookies
- Start browser
- Visit Redmine Homepage (not /login)
- Am no longer logged in (of course, with the patch, I am.)
Also, if it's relevant, I have auto logins setup to stay current for 7 days. (Although, I don't think that should matter.)
#14
Updated by Jean-Philippe Lang almost 8 years ago
- Subject changed from Autologin dows not works when using openid to Autologin does not work when using openid
- Status changed from New to Resolved
- Assignee set to Jean-Philippe Lang
- Target version set to 2.3.0
- Resolution set to Fixed
Fixed in r11521.