[MDL-46685] Alternate login URL behaviour (avoid extra http redirect) - Moodle Tracker

XML

Word

Printable

Details

Type: Improvement
Status: Development in progress
Priority: Minor
Resolution: Unresolved
Affects Version/s: 2.7.1
Fix Version/s: None
Component/s: Authentication
Labels:

Affected Branches:
MOODLE_27_STABLE
Pull from Repository:
git://github.com/xow/moodle.git
Pull Master Branch:
MDL-46685-master
Pull Master Diff URL:
https://github.com/xow/moodle/compare/7c32b87...MDL-46685-master
Workaround:
Hide

Add html to your frontpage to warn users about the self-signed certificate browser warning
or

Purchase a ssl certificate from an approved source
Show
Add html to your frontpage to warn users about the self-signed certificate browser warning or Purchase a ssl certificate from an approved source
Difficulty:
Easy

Description

Hi!

Our settings: 'alternateloginurl' is set to customized login page, 'forcelogin' is set to true, 'loginhttps' is set to true (self-signed certificate).

The main goal of customized login page (accessible via http) is about to provide users with instruction about self-signed certificate browser warning.

But current moodle behaviour is a bit confusing: regardless of 'alternateloginurl' settings get_login_url() function is called first and redirects to hardcoded login/index.php and only then within login/index.php 'alternateloginurl' is checked. In this situation browser warning about self-signed certificate appears before our customized login page because https://site/login/index.php is requested prior to customized page.

I think that it is needed to check 'alternateloginurl' inside get_login_url() function.

Thank you in advance.

Attachments

Issue Links

has a non-specific relationship to

MDL-67053 Allow bypassing alternateloginurl config setting with a URL param

Waiting for peer review

MDL-42834 Deprecate loginhttps

Closed

Activity

People

Assignee:: Unassigned

Reporter:: Sergey

Peer reviewer:: Frédéric Massart

Participants:: Frédéric Massart, John Okely, Marina Glancy, Sergey

Component watchers:: David Woloszyn, Huong Nguyen, Jake Dallimore, Meirza, Michael Hawkins, Raquel Ortega, Safat Shahin, Stevani Andolo

Votes:: 1 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 06/Aug/14 4:29 AM

Updated:: 15/Nov/21 9:07 AM