I’m not sure if this is a purely BlueNetMEST v1.1 related bug or not.
Operations such as change password open a second browser window, the original window remains behind displaying the administration ‘blind’. This causes a problem if the user logs out twice.
The failure scenario is:
- User login
- Navigate to change password, a second browser window opens
- change password, success screen offers a logout button
- Select logout, second browser window closes
- original browser displays administration ‘blind’
- close the blind
- press logout button original window
- error – insufficient privileges
Ok, logging out twice is bad. However, does a user HAVE to be logged in to invoke the user.logout service?
I have fixed this locally in geonetwork/xml/user-profiles.xml by moving the element from the RegisteredUser profile to the Guest profile. This means that you don’t have to be logged in to log out. This fixes the log out twice problem.
Can anybody see a problem with this?
Regards,
Stephen
Hi Stephen,
Most likely it is a problem with the BlueNet MEST only (but I'll check) - it comes about because the xslt being used to display the password changed successfully message includes the banner/login stuff - one simple fix is to switch the forward sheet from info.xsl to infoedit.xsl in web/geonetwork/WEB-INF/config.xml to remove the double logout possibility.
Thanks for highlighting this - I have also tested the others you've found and will commit them shortly.
Cheers,
Simon
Stephen.Davies@anonymised.com wrote:
I’m not sure if this is a purely BlueNetMEST v1.1 related bug or not.
Operations such as change password open a second browser window, the original window remains behind displaying the administration ‘blind’. This causes a problem if the user logs out twice.
The failure scenario is:
1. User login
2. Navigate to change password, a second browser window opens
3. change password, success screen offers a logout button
4. Select logout, second browser window closes
5. original browser displays administration ‘blind’
6. close the blind
7. press logout button original window
8. error – insufficient privileges
Ok, logging out twice is bad. However, does a user HAVE to be logged in to invoke the user.logout service?
I have fixed this locally in geonetwork/xml/user-profiles.xml by moving the element <allow service=”user.logout”/> from the RegisteredUser profile to the Guest profile. This means that you don’t have to be logged in to log out. This fixes the log out twice problem.
Can anybody see a problem with this?
Regards,
Stephen
------------------------------------------------------------------------
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
------------------------------------------------------------------------
_______________________________________________
GeoNetwork-devel mailing list
GeoNetwork-devel@lists.sourceforge.net
geonetwork-devel List Signup and Options
GeoNetwork OpenSource is maintained at GeoNetwork - Geographic Metadata Catalog download | SourceForge.net