Closed
Bug 742517
Opened 13 years ago
Closed 8 years ago
If using BrowserID and allowing anonymous access, "Sign In" link should load BrowserID directly, not go to standalone login page
Categories
(Mozilla QA Graveyard :: MozTrap, defect)
Mozilla QA Graveyard
MozTrap
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: carljm, Unassigned)
Details
No description provided.
|
||
Comment 1•13 years ago
|
||
A Pivotal Tracker story has been created for this Bug: http://www.pivotaltracker.com/story/show/27549397
|
|
||
Comment 2•13 years ago
|
||
Carl Meyer changed story state to started in Pivotal Tracker
|
|
||
Comment 3•13 years ago
|
||
Carl Meyer added a comment in Pivotal Tracker:
Ok, in the direct-sign-in branch this is working, but since the JS for browserid and the styling are both tied into the same ID, the styling is wrong. I'm not sure we need the BrowserID sign-in button here, though if there's a way to make it fit in nicely I suppose it doesn't hurt.
|
|
||
Comment 4•13 years ago
|
||
Carl Meyer added a comment in Pivotal Tracker:
Oh, to test this of course you need ALLOW_ANONYMOUS_ACCESS = True in your settings/local.py.
|
|
||
Comment 5•13 years ago
|
||
Cameron Dawson added a comment in Pivotal Tracker:
In trying this, I get the browserID dialog, and when I select a user and sign in, then I get back to MozTrap with: 403: Reason given for failure: CSRF token missing or incorrect.
|
|
||
Comment 6•13 years ago
|
||
Cameron Dawson added a comment in Pivotal Tracker:
anonymous access is set to true, and my siteurl is set to localhost:8000
|
|
||
Comment 7•13 years ago
|
||
Carl Meyer added a comment in Pivotal Tracker:
Ok, dunno why I didn't see this problem before, but the approach taken in the direct-sign-in branch won't work as we'd have to put the anonymous_csrf decorator on every single view (we could actually do this via django-session-csrf's ANON_ALWAYS setting, but I need to think about the implications of that for caching anonymous page views, as it would cause a unique cookie to be set on every page view).
Another alternative might be to have the login link on all pages still go to the login page, but with a special querystring or fragment flag to tell the JS on the login page to just immediately simulate a click on the browserid button?
|
|
||
Comment 8•13 years ago
|
||
Carl Meyer changed story state to unstarted in Pivotal Tracker
Mass-closing remaining MozTrap bugs as WONTFIX, due to 1) the Mozilla-hosted instance being decommissioned (see https://wiki.mozilla.org/TestEngineering/Testrail), and, for now, 2) the still-up code archived at its GitHub page: https://github.com/mozilla/moztrap (we'll decide what's next for that, in the near future).
See also the history and more-detailed discussion which led us here, at https://groups.google.com/forum/#!topic/mozilla.dev.quality/Sa75hV8Ywvk
(If you'd like, you should be able to filter these notification emails using at least the unique string of "Sa75hV8Ywvk" in the message body.
Thanks!
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → WONTFIX
|
||
Updated•7 years ago
|
Product: Mozilla QA → Mozilla QA Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•