rejetto forum
Software => HFS ~ HTTP File Server => Bug reports => Topic started by: r][m on April 11, 2009, 03:06:39 PM
-
I've commented on this before:
http://www.rejetto.com/forum/index.php?topic=6626.msg1040508#msg1040508
and again more recently.
This is what my testing shows. (this goes back a long ways)
Using build 229, default tpl. Opera 9.63.
List protected items only for allowed users - is not checked.
No password on root. Protected folder in root named "Files"
contains all other protected folders and files.
When you go to my address you see HFS page Home with folder named
"Files", Search and Menu, etc.
Menu has Login and File List. If you use Menu ~login some
macros like {.if | %user% |..... /if.} work as expected.
However, if you click on the protected folder "Files" and
log in then they do not. When you have logged in by clicking
protected folder "Files" the "user:whoever is logged in" box
is visable and you can access protected folders.....but
when you go back to Home "/" Login is still in the Menu and the
"user:whoever is logged in" box is gone. (like no one is logged in)
While testing this code:
[unauthorized]
{.add to log|Bad login: %user% / %password%.}
From this post
http://www.rejetto.com/forum/index.php?topic=6719.msg1041472#msg1041472
I found that when logging in by Menu ~login it did not work.
When logged in by protected folder, it will add "Bad login:" with details
to log and log window, if you enter wrong pass for the user name.
Aparrently when a user logs in by clicking protected folder they
are not logged into the root, but some level below?
Maybe this is expected behavior? Or maybe its like the "No log out"
...just the way it is.....but its driving me nuts..... under these conditions
some user sensitive macros work, others do not.
I have a public website in front of my secure file server, so
I can't just password the root.
Could someone else test this please?
-
Well, it's the expected, yet unwanted, behavior.
It's like main browsers handle this kind of authentication.
Since it's totally out of my control, this will be solved when we change auth system. (same time the "no logout" problem will be solved)
-
OK, thanks for your reply.
Now that I know its not some template code or system
problem, I'll try to find some sort of template/site design work around.
I wonder though, shouldn't the bad login code I mentioned in the first post,
work when /~login is used?
Its the inconsistency thats causing me problems when adding new template
macros/functions. It would seem some work one way with logged in user
while others may not??
Perhaps it depends on the folder/subfolder level?
-
next build should solve this problem.
would you like to test it in advance?
-
next build should solve this problem.
would you like to test it in advance?
Yes, but it might be some hours before I can test it.
My work week begins soon.