[Building Sakai] Evaluation direct URLs just redirect to portal

Joshua Swink joshua.swink at gmail.com
Tue Jul 1 16:37:49 PDT 2014 

I'm still plugging away at this. It appears to be Firefox-related. When CAS
redirects back to Sakai after authenticating, Firefox will sometimes make
weird requests. It only happens for /direct/ paths, not /portal.

Normal Firefox requests when coming back from CAS:

1. GET https://sakai.school.org/sakai-login-tool/container?ticket=XXXXXXX
2. GET https://sakai.school.org/portal/site/content

Odd behavior involving /direct/ request:

1. GET https://sakai.school.org/sakai-login-tool/container?ticket=XXXXXXX
2. GET https://sakai.school.org/sakai-login-tool/container
3. GET https://sakai.school.org/portal

Request #1 is quickly aborted and then Firefox makes the same request, but
without the ticket (#2). Sakai sends it to the portal (#3) (because it
extracted the return-URL from the session for request #1 and no longer
knows where to send the user). The user IS successfully logged in, so Sakai
was able to process the ticket request. Firefox claims that the referrer
for both sakai-login-tool requests was CAS, but that seems unlikely.

Tamper Data and Firebug are showing me those 3 requests above, but the
built-in debugging tools of Firefox don't even show the aborted request
(#1). This indicates that the bug is at a somewhat deep level in Firefox.
Still, I'd like to find a way not to trigger it.

Josh




On Mon, Jun 30, 2014 at 3:58 PM, Joshua Swink <joshua.swink at gmail.com>
wrote:

> The students can't use the direct URLs to their evaluations. They receive
> an email with a URL like the following:
>
> https://<hostname>/direct/eval-assigngroup/1553038
>
> When they try to visit the URL, they end up back at /portal, in their home
> workspace. If they were already logged in, the log shows nothing. If they
> weren't logged in, the log has a security exception:
>
> 2014-06-30 15:43:08,889 ERROR (AccessRegistrar.java:111) - <Error handling
> access request>
> Target exception of class java.lang.SecurityException
> Successive lines until stack trace show causes progressing to exception
> site:
> Error setting dependency rootHandlerBeanBase of bean rootHandlerBean
> --> Error setting dependency contentTypeInfo of bean
> overridedRootHandlerBean
> --> Error fetching bean contentTypeInfo from factory method
> getContentTypeInfo of factory bean contentTypeInfoFactory
> --> Error fetching bean viewParameters from factory method
> getAdjustedViewParameters of factory bean viewParamsInterceptorManager
> --> Error fetching bean defaultViewParameters from factory method
> getViewParameters of factory bean defaultViewInferrerManager
> --> User must be authenticated to access this page
> java.lang.SecurityException: User must be authenticated to access this page
>         at
> org.sakaiproject.evaluation.tool.inferrers.EvaluationVPInferrer.inferDefaultViewParametersImpl(EvaluationVPInferrer.java:186)
>         at
> org.sakaiproject.evaluation.tool.inferrers.EvaluationVPInferrer.access$000(EvaluationVPInferrer.java:45)
>         at
> org.sakaiproject.evaluation.tool.inferrers.EvaluationVPInferrer$1.run(EvaluationVPInferrer.java:89)
>
> Any ideas on fixing this? We're using Sakai 2.9.2.
>
> Josh
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20140701/ceec8a19/attachment.html

More information about the sakai-dev mailing list