[
https://jira.duraspace.org/browse/DS-1064?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Robin Taylor updated DS-1064:
-----------------------------
Comment: was deleted
(was: Just adding some discussion from the developers meeting for info...
<robint> So if anyone has any further comment on DS-1060 please add to the Jira
issue
[20:04] <robint> I suspect Tim will want to commit any changes tomorrow
[20:05] <hpottinger> I've been testing the patches Tim has submitted for 1060,
I think all of them mark a change from the current behavior of the -Dconfig=
param
[20:05] <robint> Just saw your latest comment
[20:07] <hpottinger> the simple patch will likely be the least controversial,
as Tim says
[20:07] <robint> I can't even make up my mind what the optimum behaviour should
be
[20:08] <robint> Without Tim I'm not sure how much we can do here so possibly
best just to keep adding commentss to the issue.
[20:09] <hpottinger> I believe certain development workflows count on being
able to pass in a custom-tweaked dspace.cfg
[20:09] <robint> Ok, should we move on to documentation ?
[20:09] <robint> Sorry hpottinger, I'll slow down :)
[20:09] <mhwood> I rather don't like the idea of hunting for settings that
didn't get copied. Especially since what sites *should* do is to customize a
copy of the new stock config from their old settings *before* running 'ant
-Dconfig=newone update'.
[20:10] <robint> mhwood: thats my preference too
[20:11] <mhwood> Maybe copy-as-many-settings-as-we-can should be a separate
target.
[20:12] <hpottinger> I like that
[20:13] <robint> Yes I worry its becoming too messy by trying to be too
intelligent
[20:13] <mhwood> Anyway, whether the source of the configuration is specified
explicitly or defaults to the source kit, IMHO update should do the same thing.
My preference would be "just move the old one aside and copy it".
[20:14] <robint> +1
[20:14] <mhwood> ("It" is the source of the config. file, not the old config.)
[20:15] <hpottinger> +1
)
> Authentication error with external login in JSPUI
> -------------------------------------------------
>
> Key: DS-1064
> URL: https://jira.duraspace.org/browse/DS-1064
> Project: DSpace
> Issue Type: Bug
> Components: JSPUI
> Reporter: Kevin Van de Velde
> Assignee: Kevin Van de Velde
> Priority: Major
> Attachments: authentication_error.patch
>
>
> To reproduce this bug do the following:
> * The repository has to have a login mechanism that requires users to login
> on a different web site then where the DSpace is located.
> * A non logged in user clicks on a bitstream url (to which only certain users
> have access) & is sent to the login mechanism.
> * The login is completed successfully so the user is sent back to the
> bitstream url (he is logged in as a proper user so should have access).
> * The user will see an authorize exception
> * When the user refreshes the page the bitstream will be accessible.
> Now why does to happen ?
> The first time the user attempt to retrieve the file an authorize exception
> is thrown which is caught in the DSpaceServlet.java & the startAuthentication
> method will be called upon.
> If the first "if" fails (due to for example bad arguments) the user will be
> redirected to the authentication website.
> When the authentication website is done the user is sent back to the
> bitstream page which results in another authorize exception (since even
> though he might have the proper argument no login has occurred).
> In this case the exception will again be caught by the DSpaceServlet.java &
> the startAuthentication will be called again, only this time it is
> successfull resulting in the method returning true & so the
> DSpaceServlet.java sends us to an "not authenticated" page. (Even though we
> are authenticated & might have access)
> I am not 100% sure this is a bug (or even if it is if my fix is the correct
> one), but I have attached a patch that will solve the issue.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://jira.duraspace.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
------------------------------------------------------------------------------
RSA(R) Conference 2012
Save $700 by Nov 18
Register now
http://p.sf.net/sfu/rsa-sfdev2dev1
_______________________________________________
Dspace-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dspace-devel
