Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-46685

Alternate login URL behaviour (avoid extra http redirect)

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Development in progress
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 2.7.1
    • Fix Version/s: None
    • Component/s: Authentication

      Description

      Hi!

      Our settings: 'alternateloginurl' is set to customized login page, 'forcelogin' is set to true, 'loginhttps' is set to true (self-signed certificate).

      The main goal of customized login page (accessible via http) is about to provide users with instruction about self-signed certificate browser warning.

      But current moodle behaviour is a bit confusing: regardless of 'alternateloginurl' settings get_login_url() function is called first and redirects to hardcoded login/index.php and only then within login/index.php 'alternateloginurl' is checked. In this situation browser warning about self-signed certificate appears before our customized login page because https://site/login/index.php is requested prior to customized page.

      I think that it is needed to check 'alternateloginurl' inside get_login_url() function.

      Thank you in advance.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              gmrsagar Sagar Ghimire
              Reporter:
              dfx Sergey
              Peer reviewer:
              Frédéric Massart
              Participants:
              Component watchers:
              Adrian Greeve, Jake Dallimore, Mathew May, Mihail Geshoski, Peter Dias
              Votes:
              1 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated: