Bugs item #2164955, was opened at 2008-10-14 01:21 Message generated for change (Comment added) made by stuartlewis You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=119984&aid=2164955&group_id=19984
Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None >Status: Closed >Resolution: Fixed Priority: 5 Private: No Submitted By: ylatt (ylatt) >Assigned to: Stuart Lewis (stuartlewis) Summary: DSpace1.5.1(XML) problem with Login to restricted bitstreams Initial Comment: Software 1. JSP 1.5.1 is fine, no issue. 2. XML 1.5 is fine. It can redirect to "This bitstream is restricted" after login. 3. Have a very lightly customised XML 1.5.1, in style sheet only, but asked another colleague with an out of the box XML 1.5.1 version and similar behaviour is exhibited. Problem: We have bitstreams that are restricted to administrator or collection admins, if a user who does not have authorisation to that bitstream logs into the restricted item they continue to receive the login screen instead of getting a "not authorised message" or they loop around endlessly and hang the browser session. To Test this 1. You can create a new record or use an existing one 2. Make sure that the item has read access to metadata record and change the authorisation to either admin or a collection admin group. (we have tried both) 3. Logout of your account and clear the cache 4. Login with another account that has no access and you will continue to loop around in the login cycle after the second time you get an error message, odd browser behaviour or page not found. Here is the error message from log when the 2nd user without access logs in. 2008-10-09 17:31:34,258 INFO org.dspace.app.xmlui.utils.AuthenticationUtil @ [EMAIL PROTECTED]:session_id=222BFE9CA6411C87F2D 195BBBC7B1FFB:ip_addr=130.216.69.238:failed_login:email=, realm=null, result=4 2008-10-09 17:31:34,468 INFO org.dspace.authenticate.PasswordAuthentication @ [EMAIL PROTECTED]:session_id=222BFE9CA6411C87F2 D195BBBC7B1FFB:ip_addr=130.216.69.238:authenticate:attempting password auth of user= 2008-10-09 17:31:34,470 INFO org.dspace.app.xmlui.utils.AuthenticationUtil @ [EMAIL PROTECTED]:session_id=222BFE9CA6411C87F2D 195BBBC7B1FFB:ip_addr=130.216.69.238:failed_login:email=, realm=null, result=4 2008-10-09 17:31:34,590 INFO org.dspace.authenticate.PasswordAuthentication @ [EMAIL PROTECTED]:session_id=222BFE9CA6411C87F2 D195BBBC7B1FFB:ip_addr=130.216.69.238:authenticate:attempting password auth of user= 2008-10-09 17:31:34,592 INFO org.dspace.app.xmlui.utils.AuthenticationUtil @ [EMAIL PROTECTED]:session_id=222BFE9CA6411C87F2D 195BBBC7B1FFB:ip_addr=130.216.69.238:failed_login:email=, realm=null, result=4 2008-10-09 17:31:34,733 INFO org.dspace.authenticate.PasswordAuthentication @ [EMAIL PROTECTED]:session_id=222BFE9CA6411C87F2 D195BBBC7B1FFB:ip_addr=130.216.69.238:authenticate:attempting password auth of user= Leonie Hayes Research Repository Librarian http://www.library.auckland.ac.nz/contacts/?firstname=&lastname=hayes http://researchspace.auckland.ac.nz ---------------------------------------------------------------------- >Comment By: Stuart Lewis (stuartlewis) Date: 2008-12-01 20:01 Message: Fixed ready for DSpace 1.5.2 (return null if no username / password are given rather than constantly trying to authenticate with empty values). This is a rollback of SVN revision 2860. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=119984&aid=2164955&group_id=19984 ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Dspace-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dspace-devel
