On Fri, 05 Oct 2012, Endi Sukma Dewata wrote:
On 10/5/2012 8:56 AM, Alexander Bokovoy wrote:
On Thu, 04 Oct 2012, Petr Vobornik wrote:
On 10/03/2012 04:19 PM, Simo Sorce wrote:
On Wed, 2012-10-03 at 15:50 +0200, Petr Vobornik wrote:
As Alexander proposed in other channel. I will remove the removal of
configure.jar and offer the old configuration method if user is
using FF
< 4 so we don't have to make the extension compatible with this ancient
version. It will be done this way:

If FF < 4 is detected:
  * in browserconfig.html steps 2 and 3 will be grayed-out and
with step 2a with a link to ssbrowser.html and a description explaining
the problem
  * ssbrowser.html will be enhanced by steps for autoconfiguration
of FF
< 4.

We can also show the steps in browserconfig, but I want to have it
somehow available even if user is not using FF<4 to keep general
awareness about the problem and also to be usable if version detection
fails. Other possible problem with steps in browserconfig is different
styles of buttons (to keep the same styles we would have to include
css files and jquery.js to configure.jar, which I don't want to do).

Excellent plan, we should try to reduce the amount of work, and letting
old browsers use the old method is perfectly fine.
If FF15 is the only browser that fails with the old method I would even
go as far as testing exclusively with FF15 and have anything < FF15 use
the old method.


Updated patches attached.

browserconfig.html points to older config method for versions prior to

The extension is theoretically compatible with FF3.6 and then FF10 and
later. There is a problem for FF4-9 with loading strings from
.properties file. FF3.6 is working because it doesn't use bootstraping.

I also notice that we have an existing issue when navigating to config
pages right away before accepting any certificate. Those pages are
using some resorces from /ui/ folder which is redirected to https.
These resources are not loaded because certificate isn't imported. If
user is going straight for Web UI, he won't encounter this issue, but
someone might.
I tested this patchset and apart from the non-obvious  extension
description displayed when installing it, which is based on a certificate,
everything is great.


It works for me too. Just some questions:

1. It looks like the Firefox is limited to version 10 to 15 in install/ffextension/install.rdf. Do we need the upper limit?


2. In install/html/ssbrowser.html the step 5 is optional. Should we explain what's that for or why we need it? General users could be confused and stuck if they are given choices that they don't understand. It's probably better to make it a required step if it doesn't cause any problem.

<li> 5. Optional: Repeat the above procedure for the <tt>network.negotiate-auth.delegation-uris</tt> entry, using the same domain. </li>
delegation-uris setting should be removed. It is not needed since we
started using s4u2proxy mechanism.

/ Alexander Bokovoy

Freeipa-devel mailing list

Reply via email to