741685 - https redirect doesn't allow top bar log in and no error message when ssl_redirect/sslbase is missing

Status: UNCONFIRMED

(Bugzilla :: Administration, task)

Description

[f305159]

User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.142 Safari/535.19

Steps to reproduce:

1. Installed bugzilla 4.2 with Apache and http (no https), private bug database (login required to view and file), all working great.
...a few months later
2. Bought SSL certs for my domain, enabled for Apache and turned on Apache rewrite: http:// -> https://
All Apache-served sites on my server working great with https.


Actual results:

Could not log into bugzilla anymore using the top bar of the UI. It allows me to fill in my user ID and password, I click login, but nothing happens.

I could still log in using the other dialog page that comes up when another link is clicked that requires a login ("New", etc).


Expected results:

UI at the top should alert me to setting ssl_redirect and sslbase.

Knowing the answer now, it's easy. But finding it was very, very difficult.

Comment 1

[Frédéric Buclin]

This is not a bug, but could possibly be mentioned in the documentation.

Comment 2

[f305159]

That's right, this is not a bug.

> UI at the top should alert me to setting ssl_redirect and sslbase.

It is a feature request.

Comment 3

[f305159]

This non-obvious configuration mistake can have a simple UI fix.

It is not a major issue, but it is quite irritating and tough to fix, and the UI is misbehaving: enter username and password, click to log in, and nothing happens.

As "documentation" this is miscategorised.

Comment 4

[Gervase Markham [:gerv]]

So, how would this work? If you are accessing Bugzilla over HTTPS and sslbase is not set, add a message to the top of every page encouraging the admin to set it?

Gerv