Warning: Can't synchronize with repository "(default)" (/home/git/ome.git does not appear to be a Git repository.). Look in the Trac log for more information.
Notice: In order to edit this ticket you need to be either: a Product Owner, The owner or the reporter of the ticket, or, in case of a Task not yet assigned, a team_member"

Task #9139 (closed)

Opened 9 years ago

Closed 9 years ago

Last modified 9 years ago

Bug: web public url_filter

Reported by: wmoore Owned by: cxallan
Priority: critical Milestone: OMERO-4.4
Component: Web Version: n.a.
Keywords: n.a. Cc:
Resources: n.a. Referenced By: n.a.
References: n.a. Remaining Time: 0.0d
Sprint: 2012-07-03 (18)

Description

I have these values set up

jrs-macbookpro-25107:OMERO will$ omero config get
omero.web.debug=True
omero.web.public.enabled=True
omero.web.public.password=ome
omero.web.public.url_filter=webtest
omero.web.public.user=emdb_public

However, when I go to localhost:8000/webtest
I don't get logged in (redirected to webclient login).

If I do this, then the public login works for that url:

diff --git a/components/tools/OmeroWeb/omeroweb/decorators.py b/components/tools/OmeroWeb/omeroweb/decorators.py
index 7acbf48..bf41ef1 100644
--- a/components/tools/OmeroWeb/omeroweb/decorators.py
+++ b/components/tools/OmeroWeb/omeroweb/decorators.py
@@ -155,7 +155,9 @@ class login_required(object):
         Verifies that the URL for the resource being requested falls within
         the scope of the OMERO.webpublic URL filter.
         """
-        return settings.PUBLIC_URL_FILTER.match(request.path) is not None
+        p = request.path.strip("/")
+        return settings.PUBLIC_URL_FILTER.match(p) is not None
 
     def get_connection(self, server_id, request):

I'm no regex expert, but I'm sure there's a nicer way to fix this one?

Change History (6)

comment:1 Changed 9 years ago by cxallan

  • Remaining Time set to 0.25

comment:2 Changed 9 years ago by cxallan

  • Status changed from new to accepted

comment:3 Changed 9 years ago by jburel

  • Sprint changed from 2012-06-19 (17) to 2012-07-03 (18)

Moved from sprint 2012-06-19 (17)

comment:4 Changed 9 years ago by cxallan

  • Remaining Time changed from 0.25 to 0
  • Resolution set to fixed
  • Status changed from accepted to closed

comment:5 Changed 9 years ago by Chris Allan <callan@…>

(In [41c8f373f925e8d552ed64600d7810b5489ba2ca/ome.git] on branch develop) Add a safety net for partial OMERO.webpublic configuration. (See #9139)

comment:6 Changed 9 years ago by Chris Allan <callan@…>

(In [85f04ef083af284934100da75fa05580c472338e/ome.git] on branch develop) Switch OMERO.webpublic URL filter to re.search. (Fixes #9139)

Previously the OMERO.webpublic URL filter was using re.match, which
would not allow more flexible regular expression matching. Switching to
re.search means that "exotic" matching techniques can be used, but does
mean that more explicit regular expressions are needed when attempting
to filter based on a base URL:

  • 'webtest' matches '/webtest' but also '/webclient/webtest'
  • 'dataset' matches '/webtest/dataset' and also '/webclient/dataset'
  • '/webtest' matches '/webtest...' but also '/webclient/webtest'
  • '/webtest' matches '/webtest...' but not '/webclient/webtest'

We'll have to be very explicit about this in the documentation if we
choose to keep the re.search.

Note: See TracTickets for help on using tickets. You may also have a look at Agilo extensions to the ticket.

1.3.13-PRO © 2008-2011 Agilo Software all rights reserved (this page was served in: 0.67812 sec.)

We're Hiring!