Download & Extend
Secure Login » Issues

Does it work for /user ?

Posted by sergserv on June 3, 2007 at 4:51pm
Project:Secure Login
Version:5.x-1.x-dev
Component:Code
Category:bug report
Priority:normal
Assigned:avf
Status:closed (fixed)

Issue Summary

I tried to install the module, but found that it does not work for example.com/user authentication. The thing is that I don not have a user login form on my site, it is turned off. If anyone needs authentication he should go to example.com/user/.

Login or register to post comments

Comments

#1

Posted by avf on June 6, 2007 at 9:00am
Category:feature request» bug report
Assigned to:Anonymous» avf
Status:active» fixed

This should work now.

#2

Posted by Anonymous on June 20, 2007 at 9:17am
Status:fixed» closed (fixed)

#3

Posted by sergserv on June 24, 2007 at 3:10pm
Status:closed (fixed)» active

I do not see it is working.

1. If I enable the "Login block" and type in it a username and a password then I see the redirection to the https://sitename. However, if I use sitename/user for logging in then there is nothing happens.

2. After authorization using the "Login block" the whole site keeps running through https://, that does not seem right.

#4

Posted by avf on June 25, 2007 at 10:43am

It does work if you use the HEAD version. I've fixed it, but screwed up the tagging when I was trying to commit the change... I'm still trying to figure this out.

#5

Posted by Nick Urban on August 1, 2007 at 6:01pm

The version you can download still doesn't work, but it's an easy fix.

To make this work for /user logins, insert:

<?php
|| ($form_id == 'user_login'       && variable_get('securelogin_loginform',    TRUE) == TRUE)
?>

after line 87 in securelogin.module.

#6

Posted by abhayuser on August 1, 2007 at 6:22pm

Yes, this secure login works for me.
When i login to the site with http://www.abh.com after login. i got redirected to https://www.abc.com
But for this u need to have valid ssl certificate and need to make one change in sites/defaults/setting.php
Just remove comment from $base_url and give ur sites's https url
:)

#7

Posted by gorilla_ch on August 10, 2007 at 4:35pm

sergserv, have you solved the problem, or Nick Urban, have you tried your small code change?

I believe I am in the same situation of sergserv. I turn off the login block. I follow what Nick Urban said to change the code. But /user or /user/register does not work.

When you hover over the login button in "http://example.com/user", you see it will be redirected to "https://example.com/user". However nothing happens after you click the button. same happens to "http://example.com/user/register".

If there is no https redirection, everything works just fine.

#8

Posted by gagarine on October 8, 2007 at 9:15pm

The fix on comment #5 work, but you don't see a https on the /user page anyway the form is https protected. I know this ok for the security but the user don't know that and prefer a "yellow url" when he write a passwd ;).

#9

Posted by avf on October 12, 2007 at 11:30pm
Status:active» closed (fixed)

CVS is now fixed, so this should now be fixed.

nobody click here