• Do not register here on develop.twiki.org, login with your twiki.org account.
• Use View topic Item7848 for generic doc work for TWiki-6.1.1. Use View topic Item7851 for doc work on extensions that are not part of a release. More... Close
• Anything you create or change in standard webs (Main, TWiki, Sandbox etc) will be automatically reverted on every SVN update.
Does this site look broken?. Use the LitterTray web for test cases.

Item5807: Topic edit without previous log-in results in edit of log in screen (trunk TSA)

Item Form Data

AppliesTo: Component: Priority: CurrentState: WaitingFor: TargetRelease ReleasedIn
Engine Log-in Urgent Closed   major 5.0.0

Edit Form Data

Summary:
Reported By:
Codebase:
Applies To:
Component:
Priority:
Current State:
Waiting For:
Target Release:
Released In:
 

Detail

Trying to edit a topic without having logged in oneself before, leads automatically to the WYSIWYG editor, but editing the log in screen itself instead of the page one wanted to edit originally. I suppose it sounds a little confusing, so I will try to explain myself step by step:

  1. I am watching any TWiki topic without being logged in. So in the menu on the left side appears Log in or Register.
  2. I touch the Edit button or use the commando Raw edit.
  3. TWiki requests username and password.
  4. After entering my data, I should be forwarded to the editor, showing the page I want to edit. But instead I am forwarded to an editor showing the log in screen (see also attached image below).

  • HELP When I log in before trying to edit a page, everything works fine.

  • Screenshot of WYSIWYG editor with log in screen:
    screenshot.png

-- TWiki:Main/SebastianKlus - 23 Jul 2008

Are you using template or apache login?

What are the settings in configure related to security?

-- TWiki:Main.KennethLavrsen - 23 Jul 2008

Security settings are:

{SafeEnvPath} = /bin:/usr/bin
{UseClientSessions} enabled
{LoginManager} = TWiki::LoginManager::TemplateLogin
{UserMappingManager} = TWiki::Users::TWikiUserMapping
{Register}{AllowLoginName} disabled
{Register}{EnableNewUserRegistration} enabled
{Register}{NeedVerification} disabled
{PasswordManager} = TWiki::Users::HtPasswdUser
{MinPasswordLength} = 1
{Htpasswd}{FileName} = /var/www/svn/twiki/core/data/.htpasswd
{Htpasswd}{Encoding} = crypt

Basically standard svn configuration.

-- TWiki:Main.SebastianKlus - 24 Jul 2008

I have tried to reproduce this

I have used the same security settings. I do not see this problem.

Did you recently change from Apache to Template login?

One major difference between the two is that with Template login only the configure script needs to be protected by a httpd config file or .htaccess file. With Apache login you authenticate a list of scripts in the bin directory.

When you change from Apache to Template it is easy to forget to remove the lines from the apache config that authenticates the bin files and then you end up with a strange double authentication.

Also what version of TWiki is this in? 4.2.0? 4.2.1 SVN code? Or trunk checked out from SVN?

-- TWiki:Main.KennethLavrsen - 24 Jul 2008

Sorry for the lacking details.

First of all, I am checking out the trunk from SVN.

I just went through the various revisions and the problem seems starting to occur with revision 17070. I cannot exactly figure out in what revision, as around rev. 17070 there seem to be some software errors (at least this is what appears as error message in my browser), but I can confirm that after that rev. the described problem is persistent.

Just to avoid any missunderstandings and to make sure I explained myself well:
The problem is not the login. The problem is that after the login (which is successful), the editor shows the login screen again, as if I wanted to edit it. That means that instead of the topic I am originally coming from and that I want to edit, the login screen as it can be seen in the attached image shows up within the edit box.

Following the URLs that are shown in my browser:

  • URL of starting topic: http://localhost/svn/twiki/core/bin/view/Sandbox/PruebaSandbox
  • URL when clicking on the [Edit] button: http://localhost/svn/twiki/core/bin/login/Sandbox/PruebaSandbox?origurl=/svn/twiki/core/bin/edit/Sandbox/PruebaSandbox%3ft%3d1216958377;t=1216958377
    • Here I am redirected to the login screen, which is fine because I have not logged in at that time.
  • URL after login: http://localhost/svn/twiki/core/bin/edit/Sandbox/PruebaSandbox?twiki_redirect_cache=0a4b41b959dd851887c60ed0cbf89105
    • This is when the login screen appears again but within the edit box!

Another curiosity by the way: The title of the edit screen shows WebHome (edit) (see also image above) although it should say PruebaSandbox (edit).

And just to make it perfectly confusing wink All of this does not happen, when I log in before trying to edit the PruebaSandbox topic.

-- TWiki:Main.SebastianKlus - 25 Jul 2008

That makes a big difference.

There will be many bugs related to the stand alone rewrite in trunk.

Right now I focus 100% on getting 4.2.1 out and each time a new urgent bug blocks the release I am all over it.

So please everyone make sure you write clearly that it is a trunk only bug.

I actually took the time to try template login in trunk editing a page without being logged in first. And I do not see your problem.

When you svn updated the trunk did you remember to delete viewauth and svn update? In the "old days" you would have a copy of view called viewauth but it was not one you checked out of svn. Gilmar added the viewauth script as part of his changes.

There is also some code changes related to localhost. Do you have same problem if you access your server with real domain name instead of localhost?

-- TWiki:Main.KennethLavrsen - 25 Jul 2008

Sorry for causing you nearly a nervous breakdown, Kenneth smile

I'll check into the items you mentioned when I am back at my PC tonight and inform you about any result. Just two questions: I have never heard something of having to delete viewauth, but I will do so before doing the next svn update as I have not done so. Regarding testing with a real domain: I am running TWiki on a local test environment. But maybe I will have the chance to upload it to our company server and then I will come back to you on that.

-- TWiki:Main.SebastianKlus - 25 Jul 2008

You do not need to make a dramatic step like uploading to a company server to play with a real URL.

Just invent some domain like mymachine.mycompany.com and define it two places.

In the {DefaultUrlHost} in TWiki configure and in the /etc/hosts file of the machine pointing to the IP address of the machine or simply 127.0.0.1.

Then the browser will be told by the computer that that domain is itself.

-- TWiki:Main.KennethLavrsen - 25 Jul 2008

If you believe it or not, but the problem remains. I deleted authview, I reconfigured the URL, I even deleted everything and build up the svn install from scratch - no changes, everything the same.

In addition to that I can confirm, that when e.g. creating a new topic in Sandbox (let's call it TestTopic) without previous login, I get to the same result: The login screen is shown inside the WYSIWYG editor instead of the new, still empty topic.

Here an extract of the access.log - maybe it is of any help:
#1 - Creating TestTopic without previous login:

127.0.0.1 - - [26/Jul/2008:12:37:02 -0600] "GET /svn/twiki/core/bin/edit/Sandbox/?topic=TestTopic&onlywikiname=on&onlynewtopic=on HTTP/1.1" 302 - "http://twiki.home/svn/twiki/core/bin/view/Sandbox/WebHome" "Mozilla/5.0 (X11; U; Linux x86_64; de; rv:1.9.0.1) Gecko/2008071717 Firefox/3.0.1"
127.0.0.1 - - [26/Jul/2008:12:37:02 -0600] "GET /svn/twiki/core/bin/login/Sandbox/TestTopic?topic=TestTopic;onlynewtopic=on;origurl=/svn/twiki/core/bin/edit/Sandbox/%3ftopic%3dTestTopic%26onlywikiname%3don%26onlynewtopic%3don;onlywikiname=on HTTP/1.1" 200 8197 "http://twiki.home/svn/twiki/core/bin/view/Sandbox/WebHome" "Mozilla/5.0 (X11; U; Linux x86_64; de; rv:1.9.0.1) Gecko/2008071717 Firefox/3.0.1"
127.0.0.1 - - [26/Jul/2008:12:37:07 -0600] "POST /svn/twiki/core/bin/login/Sandbox/TestTopic HTTP/1.1" 302 - "http://twiki.home/svn/twiki/core/bin/login/Sandbox/TestTopic?topic=TestTopic;onlynewtopic=on;origurl=/svn/twiki/core/bin/edit/Sandbox/%3ftopic%3dTestTopic%26onlywikiname%3don%26onlynewtopic%3don;onlywikiname=on" "Mozilla/5.0 (X11; U; Linux x86_64; de; rv:1.9.0.1) Gecko/2008071717 Firefox/3.0.1"
127.0.0.1 - - [26/Jul/2008:12:37:08 -0600] "GET /svn/twiki/core/bin/edit/Sandbox/?twiki_redirect_cache=09437e50021fb21727b53283f9e1aef7 HTTP/1.1" 200 24026 "http://twiki.home/svn/twiki/core/bin/login/Sandbox/TestTopic?topic=TestTopic;onlynewtopic=on;origurl=/svn/twiki/core/bin/edit/Sandbox/%3ftopic%3dTestTopic%26onlywikiname%3don%26onlynewtopic%3don;onlywikiname=on" "Mozilla/5.0 (X11; U; Linux x86_64; de; rv:1.9.0.1) Gecko/2008071717 Firefox/3.0.1"
127.0.0.1 - - [26/Jul/2008:12:37:09 -0600] "POST /svn/twiki/core/bin/rest/WysiwygPlugin/tml2html HTTP/1.1" 302 - "http://twiki.home/svn/twiki/core/bin/edit/Sandbox/?twiki_redirect_cache=09437e50021fb21727b53283f9e1aef7" "Mozilla/5.0 (X11; U; Linux x86_64; de; rv:1.9.0.1) Gecko/2008071717 Firefox/3.0.1"
127.0.0.1 - - [26/Jul/2008:12:37:10 -0600] "GET /svn/twiki/core/bin/login/Main/TestTopic?twiki_redirect_cache=bb053387ef472131bcb7b60c64310d32 HTTP/1.1" 200 8157 "http://twiki.home/svn/twiki/core/bin/edit/Sandbox/?twiki_redirect_cache=09437e50021fb21727b53283f9e1aef7" "Mozilla/5.0 (X11; U; Linux x86_64; de; rv:1.9.0.1) Gecko/2008071717 Firefox/3.0.1"

#2 - Editing the existing TestTopic without previous login:

127.0.0.1 - - [26/Jul/2008:12:48:12 -0600] "GET /svn/twiki/core/bin/edit/Sandbox/TestTopic?t=1217098023 HTTP/1.1" 302 - "http://twiki.home/svn/twiki/core/bin/view/Sandbox/TestTopic" "Mozilla/5.0 (X11; U; Linux x86_64; de; rv:1.9.0.1) Gecko/2008071717 Firefox/3.0.1"
127.0.0.1 - - [26/Jul/2008:12:48:13 -0600] "GET /svn/twiki/core/bin/login/Sandbox/TestTopic?origurl=/svn/twiki/core/bin/edit/Sandbox/TestTopic%3ft%3d1217098023;t=1217098023 HTTP/1.1" 200 8050 "http://twiki.home/svn/twiki/core/bin/view/Sandbox/TestTopic" "Mozilla/5.0 (X11; U; Linux x86_64; de; rv:1.9.0.1) Gecko/2008071717 Firefox/3.0.1"
127.0.0.1 - - [26/Jul/2008:12:48:18 -0600] "POST /svn/twiki/core/bin/login/Sandbox/TestTopic HTTP/1.1" 302 - "http://twiki.home/svn/twiki/core/bin/login/Sandbox/TestTopic?origurl=/svn/twiki/core/bin/edit/Sandbox/TestTopic%3ft%3d1217098023;t=1217098023" "Mozilla/5.0 (X11; U; Linux x86_64; de; rv:1.9.0.1) Gecko/2008071717 Firefox/3.0.1"
127.0.0.1 - - [26/Jul/2008:12:48:19 -0600] "GET /svn/twiki/core/bin/edit/Sandbox/TestTopic?twiki_redirect_cache=96934d9b336fc8b2a6309883b6f95244 HTTP/1.1" 200 26011 "http://twiki.home/svn/twiki/core/bin/login/Sandbox/TestTopic?origurl=/svn/twiki/core/bin/edit/Sandbox/TestTopic%3ft%3d1217098023;t=1217098023" "Mozilla/5.0 (X11; U; Linux x86_64; de; rv:1.9.0.1) Gecko/2008071717 Firefox/3.0.1"
127.0.0.1 - - [26/Jul/2008:12:48:20 -0600] "POST /svn/twiki/core/bin/rest/WysiwygPlugin/tml2html HTTP/1.1" 302 - "http://twiki.home/svn/twiki/core/bin/edit/Sandbox/TestTopic?twiki_redirect_cache=96934d9b336fc8b2a6309883b6f95244" "Mozilla/5.0 (X11; U; Linux x86_64; de; rv:1.9.0.1) Gecko/2008071717 Firefox/3.0.1"
127.0.0.1 - - [26/Jul/2008:12:48:21 -0600] "GET /svn/twiki/core/bin/login/Main/WebHome?twiki_redirect_cache=d4a551eff1db2105749ac87eb1d78dab HTTP/1.1" 200 10135 "http://twiki.home/svn/twiki/core/bin/edit/Sandbox/TestTopic?twiki_redirect_cache=96934d9b336fc8b2a6309883b6f95244" "Mozilla/5.0 (X11; U; Linux x86_64; de; rv:1.9.0.1) Gecko/2008071717 Firefox/3.0.1"

And to complete the record:

Operating system: Ubuntu 8.04
Webserver: Apache 2.2.8
Perl: 5.8.8
Browser: Firefox 3.0.1

-- TWiki:Main.SebastianKlus - 26 Jul 2008

What about the localhost vs using a domain name in the URL?

Also can we see the TWiki apache.conf you are using? (attach it)

-- TWiki:Main.KennethLavrsen - 27 Jul 2008

I could reproduce the problem. I already found the cause and will fix soon.

-- TWiki:Main.GilmarSantosJr - 27 Jul 2008

This was fixed 2008-08-09 by Gilmar.

Changing this from "waiting for release" to "closed" since this is a trunk only bug, e.g. should not be listed in TWiki-5.0.0 release notes.

-- TWiki:Main.PeterThoeny - 29 May 2010

ItemTemplate
Summary Topic edit without previous log-in results in edit of log in screen (trunk TSA)
ReportedBy TWiki:Main.SebastianKlus
Codebase ~twiki4
SVN Range TWiki-5.0.0, Tue, 22 Jul 2008, build 17070-17112
AppliesTo Engine
Component Log-in
Priority Urgent
CurrentState Closed
WaitingFor

Checkins TWikirev:17381
TargetRelease major
ReleasedIn 5.0.0
Topic attachments
I Attachment History Action Size Date Who Comment
PNGpng screenshot.png r1 manage 106.7 K 2008-07-23 - 05:26 SebastianKlus Screenshot of WYSIWYG editor with log in screen
Edit | Attach | Watch | Print version | History: r17 < r16 < r15 < r14 < r13 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r17 - 2010-05-29 - PeterThoeny
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2019 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback