У меня есть ситуация, когда пользователь аутентифицируется и возвращается к текущей странице, а не к цели.Почему ColdFusion перенаправляет на текущую страницу после проверки подлинности, а не на целевую страницу?
- Пользователь вводит слово поиска и нажимает кнопку ввода.
- Страница поиска показывает результат на странице со ссылками.
- Пользователь нажимает на ссылку, чтобы просмотреть страницу сведений.
- Страница сведений требует аутентификации.
- Он перенаправляет пользователя на страницу аутентификации. На данный момент в custom_application.cfm странице , она показывает HTTP_REFERER как:
https://devbox.mysite.com/search/?search=calendar - аутентифицирован и затем возвращается на страницу https://devbox.mysite.com/search/?search=calendar а не https://devbox.mysite.com/kb/article/calendar страницы, которая является связующим звеном , что пользователь нажал и хочет туда попасть.
Я нашел article Бена Надаля, который говорит о проблеме с CFLocation, но он не обеспечивает решения вопроса или, по крайней мере, я не чувствую, что было решение для моей ситуации.
Вот часть кода в специально application.cfm файле:
<cfif cgi.query_string contains "login=1">
<cfif not cgi.query_string contains "forcelogin=1">
<cflog text="SERVER_NAME: #cgi.SERVER_NAME#" type="Information" file="Authentication">
<cflog text="PATH_INFO: #cgi.PATH_INFO#" type="Information" file="Authentication">
<cflog text="PATH_TRANSLATED: #cgi.PATH_TRANSLATED#" type="Information" file="Authentication">
<cflog text="SCRIPT_NAME: #cgi.SCRIPT_NAME#" type="Information" file="Authentication">
<cflog text="QUERY_STRING: #cgi.QUERY_STRING#" type="Information" file="Authentication">
<cflog text="REMOTE_HOST: #cgi.REMOTE_HOST#" type="Information" file="Authentication">
<cfif cgi.http_referer contains "search/?search=">
<cflog text="cgi.http_referer contains: #cgi.http_referer#" type="Information" file="Authentication">
<cfset tmp=ReReplace(cgi.http_referer, "^.+\.mysite\.com", "")>
<cfset scriptName=ReReplace(cgi.script_name, "^index.cfm\.+", "")>
<cflog text="scriptName: #scriptName#" type="Information" file="Authentication">
<!---<cfset qryString=ReReplace(#tmp#, "/search/?search=", "")>--->
<cfscript>
qryString = replace(#tmp#, "/search/?search=", "", "All");
</cfscript>
<cflog text="qryString: #qryString#" type="Information" file="Authentication">
<cfset session.preauthurl="#request.author_url#/kb/article/#qryString#">
<cflog text="After cfset session.preauthurl: #request.author_url#/kb/article/#qryString#" type="Information" file="Authentication">
<cflocation url="#request.author_url#/authenticate.cfm" addtoken="no">
<cfelse>
<!---<cfset session.preauthurl="#cgi.http_referer#">--->
<cflog text="session.preauthurl-172: #session.preauthurl#" type="Information" file="Authentication">
<cflog text="cflocation url: #request.author_url#/authenticate.cfm" type="Information" file="Authentication">
<cflocation url="#request.author_url#/authenticate.cfm" addtoken="no">
</cfif>
<!---<cfset session.preauthurl="#cgi.http_referer#">
<cflocation url="#request.author_url#/authenticate.cfm" addtoken="no">--->
<cfelse>
<cflocation url="#request.author_url#/authenticate.cfm" addtoken="no">
</cfif>
</cfif>
А вот часть кода в файле authenticate.cfm:
<!--- if this user is not marked as a "licensed contributor", mark them as such.--->
<cfif session.user.LICENSEDCONTRIBUTOR eq 0>
<cftry>
<CFLOCK SCOPE="Session" TYPE="Exclusive" TIMEOUT="5" THROWONTIMEOUT="Yes">
<cfquery DATASOURCE="#session.user.USERSDATASOURCE#" NAME="updateContributor">
UPDATE Users
SET LicensedContributor = '1'
WHERE ID = #session.user.id#
</cfquery>
<cfset session.user.LicensedContributor = "1">
</CFLOCK>
<cfcatch>
<cfoutput>Error in /authenticate.cfm: An error occurred while trying to log in. Please try again.</cfoutput>
</cfcatch>
</cftry>
</cfif>
<cflog text="preAuthUrl-63: #session.preAuthUrl#" type="Information" file="Authentication">
<!---we are now logged in, so redirect somewhere--->
<cfif session.preAuthUrl eq "">
<!---not sure where we came from, so redirect to the homepage--->
<cflocation url="/" addtoken="no">
<cfelse>
<!---The tmp here will cause interna server error because it was not defined anywhere.--->
<cfset tmp=ReReplace(session.preAuthUrl, "^.+\.mysite\.com", "")>
<cfif session.preAuthUrl contains "login=1">
<cfif tmp eq "">
<cflocation url="/" addtoken="no">
<cfelse>
<cflog text="tmp-75: #tmp#" type="Information" file="Authentication">
<cflocation url="#tmp#" addtoken="no">
</cfif>
<cfelse>
<!---<cfset tmp=ReReplace(session.preAuthUrl, "^.+\.mysite\.com", "")>--->
<cflog text="final URL: #request.author_url##tmp#" type="Information" file="Authentication">
<cflocation url="#request.author_url##tmp#" addtoken="no">
</cfif>
</cfif>
</cfif>
<cflog text="http_referer: #cgi.http_referer#" type="Information" file="Authentication">
<!---go back to wherever we came from--->
<cflocation url="#cgi.http_referer#" addtoken="no">
И вот что журнал показывает:
========================This is the first time hitting the custom-appliction==================================
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","SERVER_NAME: devbox.mysite.com"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","PATH_INFO: "
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","PATH_TRANSLATED: \\commonspotshare.mysite.com\commonspot$\DEVSITE\dev.mysite.com\kb\article\index.cfm"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","SCRIPT_NAME: /kb/article/index.cfm"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","QUERY_STRING: login=1"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","REMOTE_HOST: 10.34.3.251"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","cgi.http_referer contains: https://devbox.mysite.com/search/?search=calendar"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","scriptName: /kb/article/index.cfm"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","qryString: calendar"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","After cfset session.preauthurl: https://devbox.mysite.com/kb/article/calendar"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","preAuthUrl-63: https://devbox.mysite.com/kb/article/calendar"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","final URL: https://devbox.mysite.com/kb/article/calendar"
----------------noticed that it never gets to the "http_referer" log at the bottom which is the correct behavior------------------------------------------
========================Now, it hits the target page of "calendar" and it launches the custom-appliction again=====================================================
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","SERVER_NAME: devbox.mysite.com"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","PATH_INFO: "
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","PATH_TRANSLATED: \\commonspotshare.mysite.com\commonspot$\DEVSITE\dev.mysite.com\kb\article\index.cfm"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","SCRIPT_NAME: /kb/article/index.cfm"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","QUERY_STRING: login=1"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","REMOTE_HOST: 10.34.3.251"
---------------------Noticed the line below shows the target page correctly in session.preauthurl variable------------------------------------------
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","session.preauthurl-172: https://devbox.mysite.com/kb/article/calendar"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","cflocation url: https://devbox.mysite.com/authenticate.cfm"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:47","SITE1","preAuthUrl-63: https://devbox.mysite.com/kb/article/calendar"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:47","SITE1","final URL: https://devbox.mysite.com/kb/article/calendar"
----------------------Noticed the line above here (final URL) shows the correct target page--------------------------------------------------------
=======================But it never actually gets to the target page, it went back to the custom-appliction file again as shown below===================================
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","SERVER_NAME: devbox.mysite.com"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","PATH_INFO: "
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","PATH_TRANSLATED: \\commonspotshare.mysite.com\commonspot$\DEVSITE\dev.mysite.com\kb\article\index.cfm"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","SCRIPT_NAME: /kb/article/index.cfm"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","QUERY_STRING: login=1"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","REMOTE_HOST: 10.34.3.251"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","session.preauthurl-172: https://devbox.mysite.com/kb/article/calendar"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","cflocation url: https://devbox.mysite.com/authenticate.cfm"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","preAuthUrl-63: https://devbox.mysite.com/kb/article/calendar"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","final URL: https://devbox.mysite.com/kb/article/calendar"
=======================And again here,it launches the custom-appliction file again and go through a loop===============================================================
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","SERVER_NAME: devbox.mysite.com"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","PATH_INFO: "
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","PATH_TRANSLATED: \\commonspotshare.mysite.com\commonspot$\DEVSITE\dev.mysite.com\kb\article\index.cfm"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","SCRIPT_NAME: /kb/article/index.cfm"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","QUERY_STRING: login=1"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","REMOTE_HOST: 10.34.3.251"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","session.preauthurl-172: https://devbox.mysite.com/kb/article/calendar"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","cflocation url: https://devbox.mysite.com/authenticate.cfm"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","preAuthUrl-63: https://devbox.mysite.com/kb/article/calendar"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","final URL: https://devbox.mysite.com/kb/article/calendar"
=======================And again here,it launches the custom-appliction file again and go through a loop===============================================================
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","SERVER_NAME: devbox.mysite.com"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","PATH_INFO: "
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","PATH_TRANSLATED: \\commonspotshare.mysite.com\commonspot$\DEVSITE\dev.mysite.com\kb\article\index.cfm"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","SCRIPT_NAME: /kb/article/index.cfm"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","QUERY_STRING: login=1"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","REMOTE_HOST: 10.34.3.251"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","session.preauthurl-172: https://devbox.mysite.com/kb/article/calendar"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","cflocation url: https://devbox.mysite.com/authenticate.cfm"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","preAuthUrl-63: https://devbox.mysite.com/kb/article/calendar"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","final URL: https://devbox.mysite.com/kb/article/calendar"
=======================And again here,it launches the custom-appliction file again and go through a loop===============================================================
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","SERVER_NAME: devbox.mysite.com"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","PATH_INFO: "
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","PATH_TRANSLATED: \\commonspotshare.mysite.com\commonspot$\DEVSITE\dev.mysite.com\kb\article\index.cfm"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","SCRIPT_NAME: /kb/article/index.cfm"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","QUERY_STRING: login=1"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","REMOTE_HOST: 10.34.3.251"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","session.preauthurl-172: https://devbox.mysite.com/kb/article/calendar"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","cflocation url: https://devbox.mysite.com/authenticate.cfm"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","preAuthUrl-63: https://devbox.mysite.com/kb/article/calendar"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","final URL: https://devbox.mysite.com/kb/article/calendar"
=======================And again here,it launches the custom-appliction file again and go through a loop===============================================================
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","SERVER_NAME: devbox.mysite.com"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","PATH_INFO: "
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","PATH_TRANSLATED: \\commonspotshare.mysite.com\commonspot$\DEVSITE\dev.mysite.com\kb\article\index.cfm"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","SCRIPT_NAME: /kb/article/index.cfm"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","QUERY_STRING: login=1"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","REMOTE_HOST: 10.34.3.251"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","session.preauthurl-172: https://devbox.mysite.com/kb/article/calendar"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","cflocation url: https://devbox.mysite.com/authenticate.cfm"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:51","SITE1","preAuthUrl-63: https://devbox.mysite.com/kb/article/calendar"
"Information","ajp-bio-8013-exec-7","02/25/16","12:17:51","SITE1","final URL: https://devbox.mysite.com/kb/article/calendar"
=========================And it finally quits in Firefox but in IE it keeps going forever====================================================================
Это то, что я так и думал. Однако, чтобы проверить это, если пользователь уже находится на странице сведений, и он пытается войти в систему вручную (вместо автоматической проверки, был ли текущий пользователь аутентифицирован или нет), он аутентифицируется и возвращается обратно к деталям, стр. – Charlie123