CiviCRM Community Forums (archive)

*

News:

Have a question about CiviCRM?
Get it answered quickly at the new
CiviCRM Stack Exchange Q+A site
This forum was archived on 25 November 2017. Learn more.
How to get involved.
What to do if you think you've found a bug.



  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Installing CiviCRM »
  • Joomla! Installations (Moderator: Deepak Srivastava) »
  • [SOLVED] sh404SEF && Force SSL == Administrator := Can't log in
Pages: [1]

Author Topic: [SOLVED] sh404SEF && Force SSL == Administrator := Can't log in  (Read 3343 times)

ken

  • I live on this forum
  • *****
  • Posts: 916
  • Karma: 53
    • City Bible Forum
  • CiviCRM version: 4.6.3
  • CMS version: Drupal 7.36
  • MySQL version: 5.5.41
  • PHP version: 5.3.10
[SOLVED] sh404SEF && Force SSL == Administrator := Can't log in
July 14, 2009, 11:43:39 pm
Disclaimer: This is not strictly a CiviCRM issue, but it arose when I was trying to secure access to CiviCRM via the Joomla! backend. There is a pending fix to Joomla!. I'm posting it here in case someone else hits this wall.

Background: I want access to CiviCRM in the Joomla! backend to be secure, and I want to use sh404SEF on the front-end.

Symptoms: Could not log into administrator screen. The login screen was re-presented each time I tried.

Cause: This was due to a combination of factors.
  • sh404SEF requires that the config.live_site is set to a value like "http://site.org"
  • Setting the Global Configuration of Joomla to Force SSL for the Administrator interface sets config.force_ssl to "1"
  • JURI:base() returns config.live_site if that value is set
  • I don't know the exact details but it seems (starting with a https connection at the login screen) that after the user presents their credentials and clicks "login", that having config.live_site set causes the connection to be changed to http and then having config.force_ssl set changes it back to a https connection. The credentials seem to get lost along the way, and Joomla! asks the user to login. A loop.
  • The credit goes to John-Paul Takats who describes the problem at http://forum.joomla.org/viewtopic.php?f=431&t=374927&p=1614444#p1614444
  • A tracker ticket has been raised against Joomla 1.5.x at http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=15458

The following patch output shows the change required to fix Joomla 1.5.10, once again thanks to John-Paul.

Code: [Select]
--- /data/Download/Joomla!/Joomla_1.5.10-Stable-Full_Package/libraries/joomla/environment/uri.php 2008-09-10 07:14:40.000000000 +1000
+++ /data/Work/IT/Joomla/Patches/libraries/joomla/environment/uri.php 2009-07-15 15:43:07.000000000 +1000
@@ -212,6 +212,11 @@
  $base['prefix'] = $uri->toString( array('scheme', 'host', 'port'));
  $base['path'] = rtrim($uri->toString( array('path')), '/\\');
  if(JPATH_BASE == JPATH_ADMINISTRATOR) {
+ $force_ssl = $config->getValue('config.force_ssl');
+ if($force_ssl > 0){
+ $base['prefix'] =
+ ereg_replace("http://","https://",$base['prefix']);
+ }
  $base['path'] .= '/administrator';
  }
  } else {
Pages: [1]
  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Installing CiviCRM »
  • Joomla! Installations (Moderator: Deepak Srivastava) »
  • [SOLVED] sh404SEF && Force SSL == Administrator := Can't log in

This forum was archived on 2017-11-26.