[Dspace-devel] [DuraSpace JIRA] (DS-1644) xmlui.force.ssl ignored if authenticated user switches from https to http

[Terry Brady (DuraSpace JIRA)]

Terry Brady created DS-1644 xmlui.force.ssl ignored if authenticated user switches from https to http Issue Type: Bug Affects Versions: 1.7.3, 1.8.1 Assignee: Unassigned Components: XMLUI Created: 29/Aug/13 4:20 PM Description: While testing, I noticed that my user session was retained if I explicitly switch from https to http in spite of having xmlui.force.ssl set. org.dspace.app.xmlui.cocoon.DSpaceCocoonServletFilter contains the following test: realRequest.getSession().getAttribute("dspace.current.user.id") That session variable is never set in my testings. If I use dspace.user.effective, the redirect to https is enforced. Environment: RHEL Project: DSpace Priority: Minor Reporter: Terry Brady

This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

------------------------------------------------------------------------------
Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
Discover the easy way to master current and previous Microsoft technologies
and advance your career. Get an incredible 1,500+ hours of step-by-step
tutorial videos with LearnDevNow. Subscribe today and save!
http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk
_______________________________________________
Dspace-devel mailing list
Dspace-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspace-devel