Hi,
I just wanted to test if it is my code or not...
I quickstarted a test application placed behind apache with ssl.
root.py - about - redirect to data
It exhibited the same phenomenon:
https://tacml.hegelab.orgdata/
So I think in 2 possibilities:
1. my apache configuration has some problem.
2. TG has a bug
I try to check my apache configuration tomorrow. However, it is unlikely
to be an apache problem, as it works if there is no "redirect".
I do not think that I can dig into TG...
Thanks,
Tamas
On 01/13/2015 12:06 PM, Tamas Hegedus wrote:
I am a little bit shy to share my ugly code... :-)
There are 3 fields in my login form. In my pre_login I extract the 3rd
one (skey) and redirect to login_handler (or back to the login page)
I have an extra question at the end, inserted in my code.
Thanks a lot!
#------------------------------------
# I edited the indents for readability
def pre_login(self, **kw):
user_name = kw.get('login',None)
ERR = False
# Check the username
if user_name is None:
ERR = True
else:
try:
user =
User.query.filter(User.user_name==user_name).one()
except sqlalchemy.orm.exc.NoResultFound:
ERR = True
if ERR:
login_counter = request.environ.get('repoze.who.logins',0)+1
redirect('/login', params=dict(came_from=kw['came_from'],
__logins=login_counter))
else:
# Check the skey - this is the 3rd field
skey = kw.get('skey', None)
# this is a prestored object with an encrypted
# property (I (will) know the encryted property only for
# this object)
ttaj = TAJ.query.filter(TAJ.cml_id=="CML00000").one()
ttaj.skey=str(skey)
# decryption happens, if it is not OK then
# the skey is not valid; go back to login
if ttaj.taj != "000111222":
login_counter =
request.environ.get('repoze.who.logins', 0) + 1
redirect('/login',
params=dict(came_from=kw['came_from'],
__logins=login_counter))
else:
# extra Q: I would like to store session data in file
# but I have a key shared by specific user that
# I do not want to appear in any file on my server.
# Is this a good pattern? (At this moment I could have
# "global skey" and not a dict, but for future...)
global skeyD
skeyD[user_name] = skey
redirect('/login_handler', kw)
# here I also tried return HTTPFound
On 01/13/2015 11:49 AM, Moritz Schlarb wrote:
Could you please also share the relevant code from your mypre_login
function?
Am 13.01.2015 um 11:41 schrieb Tamas Hegedus:
Hi,
I have a TG application running fine as a stand alone application.
TG: Current: 2.3.4
I place it behind Apache, since I need https.
It works. Some of the pages.
If I try to login then the redirection between the "handlers" exhibit an
error: there is no "/" between the domain name and the function.
login.html --> action: mypre_login which redirects to login_handler -->
page is not available: https://tacml.hegelab.orglogin_handler/ in the
browser
I tried to redirect with 'redirect' and 'return HTTPFound'
and got the same result.
I can not decide whether or not this is an error in my apache
configuration or something with TG. Below is my virtual host file for
apache.
Thanks for your help in advance,
Tamas
IfModule mod_ssl.c>
<VirtualHost 195.111.72.57:443>
ServerAdmin [email protected]
ServerName tacml.hegelab.org
ServerAlias tacml.hegelab.org
DocumentRoot /home/****/tg23/mutdb23/mutdb23/public
ProxyRequests off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://localhost:****/
ProxyPreserveHost on
ErrorLog ${APACHE_LOG_DIR}/tacml-error.log
LogLevel debug
CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
</VirtualHost>
</IfModule>
--
You received this message because you are subscribed to the Google Groups
"TurboGears" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/turbogears.
For more options, visit https://groups.google.com/d/optout.
