Change #9327
| Category | None |
| Changed by | Galen Charlton <gmc@equinoxOLI.org> |
| Changed at | Sun 05 Mar 2023 15:14:46 |
| Repository | git://git.evergreen-ils.org/Evergreen.git |
| Project | Evergreen |
| Branch | master |
| Revision | b860ffa9414c6e2946287940b16179ab02f9be3e |
Comments
LP#1996908: allow OpenILS::WWW::Proxy::Authen to check eg.auth.token
This patch allows the authentication handler to accept the
'eg.auth.token' cookie coming from the staff client if a 'ses' parameter
or 'ses' cookie has not been set. This allows resources gated by
this handler to be accessed by a staff member who has logged
into the staff client without requiring an additional login.
To test
-------
[1] Create a report and note the URL of one of its
outputs.
[2] In a completely fresh browser session, log into the
staff client, then directly load the reporter output.
You will be prompted to log in again because the 'ses'
cookie was not set.
[3] Apply the patch and repeat step 2. This time, the reporter
output should be directly retrieved.
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
Signed-off-by: Jason Boyer <JBoyer@equinoxOLI.org>
Changed files
- Open-ILS/src/perlmods/lib/OpenILS/WWW/Proxy/Authen.pm