[open-ils-commits] r16865 - in trunk/Open-ILS: examples/apache web/opac/common/js web/opac/skin/default/xml/common (erickson)

svn at svn.open-ils.org svn at svn.open-ils.org
Wed Jul 7 09:46:39 EDT 2010 

Author: erickson
Date: 2010-07-07 09:46:37 -0400 (Wed, 07 Jul 2010)
New Revision: 16865

Modified:
   trunk/Open-ILS/examples/apache/eg_vhost.conf
   trunk/Open-ILS/web/opac/common/js/opac_utils.js
   trunk/Open-ILS/web/opac/skin/default/xml/common/js_common.xml
Log:
added OPAC support for 1) selecting SSL manually and having it stick and 2) forcing SSL when the user is logged in to protect auth tokens and other private data.  The latter option is enabled via new apache env variable

Modified: trunk/Open-ILS/examples/apache/eg_vhost.conf
===================================================================
--- trunk/Open-ILS/examples/apache/eg_vhost.conf	2010-07-07 02:13:19 UTC (rev 16864)
+++ trunk/Open-ILS/examples/apache/eg_vhost.conf	2010-07-07 13:46:37 UTC (rev 16865)
@@ -105,7 +105,12 @@
 
     # Specify the initial script URL for Novelist (containing account credentials, etc.)
     #SetEnv OILS_NOVELIST_URL
+    
 
+    # Uncomment to force SSL any time a patron is logged in.  This protects 
+    # authentication tokens.  Left commented out for backwards compat for now.
+    #SetEnv OILS_OPAC_FORCE_LOGIN_SSL 1
+
 </LocationMatch>
 
 

Modified: trunk/Open-ILS/web/opac/common/js/opac_utils.js
===================================================================
--- trunk/Open-ILS/web/opac/common/js/opac_utils.js	2010-07-07 02:13:19 UTC (rev 16864)
+++ trunk/Open-ILS/web/opac/common/js/opac_utils.js	2010-07-07 13:46:37 UTC (rev 16865)
@@ -329,11 +329,18 @@
 	*/
 }
 
+var forceLoginSSL; // set via Apache env variable
 function  buildOPACLink(args, slim, ssl) {
 
 	if(!args) args = {};
 	var string = "";
 
+    if( ssl == undefined && (
+            location.protocol == 'https:' ||
+            (forceLoginSSL && G.user && G.user.session))) {
+        ssl = true;
+    }
+
 	if(!slim) {
 		string = findBaseURL(ssl);
 		if(args.page) string += config.page[args.page];
@@ -799,7 +806,7 @@
 	
 	var nored = false;
 	try{ if(isFrontPage) nored = true; } catch(e){nored = false;}
-	if(!nored) goTo(buildOPACLink(args));
+	if(!nored) goTo(buildOPACLink(args, false, false));
 }
 
 

Modified: trunk/Open-ILS/web/opac/skin/default/xml/common/js_common.xml
===================================================================
--- trunk/Open-ILS/web/opac/skin/default/xml/common/js_common.xml	2010-07-07 02:13:19 UTC (rev 16864)
+++ trunk/Open-ILS/web/opac/skin/default/xml/common/js_common.xml	2010-07-07 13:46:37 UTC (rev 16865)
@@ -41,6 +41,10 @@
 			getId("home_adv_search_link").setAttribute("href", buildOPACLink({page:ADVANCED})); 
 			getId("home_myopac_link").setAttribute("href", buildOPACLink({page:MYOPAC}, false, true));
 		}
+
+        <!--#if expr="$OILS_OPAC_FORCE_LOGIN_SSL"-->
+            forceLoginSSL = true;
+        <!--#endif -->
 	</script>
 
 	<!-- enable Dojo date picker -->

More information about the open-ils-commits mailing list