Hi SDK-Public, I've written an SSO handler and it has a bad behaviour.
When the SSO handler recognizes a user (by the host IP address) and returns the user object, the website (version 4.1.3) flashes the user/login page in the browser before redirecting the user to the user's requested destination. I would love to know what is going on with this. It looks to me that the templates are parsed and the output is generated before the SSO handler is invoked. This is based on the unavailability of a session variable set in the SSO handler. It also appears to me that the redirection to the requested page is achieved with a client-side redirection - via the "location" header. As Andre R. points out, this is the sort of thing that causes hellish burning. (http://issues.ez.no/17148) One of the things that prevents any decent work around is that the actual URL of the page that is returned (and that contains the redirection) is the the URL of the requested page, not user/login or user/fooledyoulogin or something. Has anyone else dealt with this spurious page flash? My current workaround is to hide the login for a few seconds. It sucks horribly. Regards, Doug Plant -- [email protected] | mugo.ca | office: 778-373-6600 -- Sdk-public mailing list [email protected] http://lists.ez.no/mailman/listinfo/sdk-public
