Defect #5317
closed
projects.atom with required authentication
100%
Description
We are running a redmine deployment with required authentication.
Most RSS feeds seem to work in this setup, but the link to the feed from
the projects page ends up at the login page, when not requested from
the browser with a valid session.
Used software:
mysql Ver 14.14 Distrib 5.1.37, for debian-linux-gnu (x86_64)
ruby 1.8.7
rails 2.3.5
The message in the logs boils down to:
Filter chain halted as [:check_if_login_required] rendered_or_redirected.
I searched for this issue, but did only find #2078, which in fact would be also nice to have.
Files
Related issues
Updated by Harald Klimach over 14 years ago
Hi there,
just wanted to report, that this issue still persists after the upgrade to 0.9.4.
Updated by Moritz Spindelhirn over 14 years ago
Yep,
I confirm that it is still present in 0.9.4.
Updated by Felix Schäfer over 14 years ago
Could you tell us more about your setups, especially the source of your redmine (i.e. downloaded from redmine.org or installed from a debian package)?
Updated by Moritz Spindelhirn over 14 years ago
I´m sorry but I cannot give you this information because my hoster installed it.
I see what I can do to get it ;)
Updated by Felix Schäfer over 14 years ago
Moritz: I have a somewhat sure way to find it out if you have access to the redmine files on your server. Have a look at redmine_dir/config/initializers/40_email.rb, if it looks for the file email.yml in redmine_dir/config/email.yml it's stock, if it looks in /etc/redmine it's the deb.
Updated by Moritz Spindelhirn over 14 years ago
Ok, thanks.
It looks for config/email.yml, so it isnt the db package.
Updated by Felix Schäfer over 14 years ago
- Assignee set to Eric Davis
- Target version set to 0.9.5
Add :index to source:trunk/app/controllers/projects_controller.rb#L30, i.e. change:
accept_key_auth :activity
to:
accept_key_auth :activity, :index
Eric Hulser: Could you push that to trunk?
Updated by Felix Schäfer over 14 years ago
Felix Schäfer wrote:
Eric Hulser: Could you push that to trunk?
And while we're at it, I think it wouldn't hurt having the ATOM link for the project index in the header, i.e. add the following to source:trunk/app/views/projects/index.rhtml :
<% content_for :header_tags do %>
<%= auto_discovery_link_tag(:atom, {:action => 'index', :format => 'atom', :key => User.current.rss_key}) %>
<% end %>
Thanks :-)
Updated by Harald Klimach over 14 years ago
Hi,
sorry for the somewhat late reply, and thanks for looking at this issue.
I'm following the SVN repository, but only update to tagged releases, so
no debian specific stuff is involved.
I applied the both modifications (to 0.9.4), and the problem is gone.
Thanks a lot!
Updated by Greg Mefford over 14 years ago
- File issue5317_svn_3774.diff issue5317_svn_3774.diff added
- % Done changed from 0 to 80
To reproduce from a clean install of trunk:¶
- Administration -> Settings -> Authentication -> Check "Authentication Required." -> Click "Save"
- Create a test project
- Go to list of projects
- There should be no "Atom" icon in the browser address bar
- Click the "Atom" link at the bottom of the projects page
- Should see the Atom feed
- Copy the URL from the address bar
- Click "Log Out"
- Paste the URL back in the address bar
- Should see the login page
After applying the patch:¶
- Log in and get the link to the Atom feed from the projects list
- Should see the RSS/Atom auto-discovery icon in the address bar (although it looks like Chrome doesn't work)
- Log back out
- Should see the Atom feed now
Updated by Greg Mefford over 14 years ago
- File 5317_permissions.diff 5317_permissions.diff added
- File 5317_auto_discovery.diff 5317_auto_discovery.diff added
Split up the authentication fix from the auto_discovery fix.
Updated by Eric Davis over 14 years ago
- Status changed from New to Resolved
- % Done changed from 80 to 100
- Resolution set to Fixed
Updated by Eric Davis over 14 years ago
- Status changed from Resolved to Closed
Merged into 0.9-stable.