Forum OpenACS Development: Re: rp_handler and host-node mapped subsites

Posted by Eduardo Santos on
Hi Dave,

One simple example: let's say you have a personalized login form that goes above the system pages. This form contain only two fields: username and e-mail.

The action for this form will be the subsite_url/register/. If you are using host node map, this link will point to subsite_url/register, but the address you are accessing does not contain the subsite_url.

On this case, when you are using the domain mapped to the host, you won't be able to login, because the POST is sent to subsite_url/register/ and RP won't be able to deal with this.

This is just an example, but in almost every form in the system this problem will happen.

Posted by Dave Bauer on
If any code is generating a fully qualified URL for the POST action, that's a bug and that should be fixed.

Trying to redirect a POST is just fixing the symptom and not the real bug.

The POST should always go to the same domain name that the form was generated from so there is no need for a redirect.

Posted by Ryan Gallimore on
OK, I agree. We need to alter ad_conn url* in the case of host-node mapped subsites, then. If we did that in this case, the RP redirect would not be necessary.

Any thoughts?

Posted by Torben Brosten on
Insert the value from site_node::conn_url when ad_conn url is from a host node mapped site?

This would be the simplest solution, but doesn't work for all cases, because sometimes ad_conn url is used to build a reference only available from the main domain.

The alternative is to swapp ad_conn url with site_node::conn_url for the specific cases that do work.

Posted by Dave Bauer on
Any references available ONLY from the main domain are also bugs.

See new embeds APM feature (i'll try to find a link to more info) which should resolve this issue by allowing search/notification and other site-wide services to be embedded in the subsite context.

Posted by Ryan Gallimore on
How does using embed for those specific services fix the general problem when I access http://mapped/page and [ad_conn url] returns /mapped/page? Shouldn't we fix ad_conn url to show the proper URL: /page?
Posted by Dave Bauer on
Those are two different issues. ad_conn url should return the URL you actually used to access the page.
Posted by Torben Brosten on
It would be nice to finally fix ad_conn url for host node mapping cases.

It's been a couple of years since I've been messing with host node mapping.

Apparently site_node::conn_url isn't a direct substitute as I mentioned. I'm terribly sorry about spouting that without re-checking.

site_node::conn_url is a proc for building urls that work when ad_conn url breaks for host node mapping.

One can use site_node::conn_url to generate urls that work with or without hostnode mapping, so that a host node mapped site works from the main domain as well.

Using site_node::conn_url is really useful when the main domain has a ssl/https setup, because the site can switch back and forth between http/https without generating a security warning or changing the display templates. You can direct a user to login via https and then switch them back to http on the hostnode mapped subsite after login. The UI flow is smooth.

Posted by Torben Brosten on


Regarding the register case, take a look at It's mapped to Login and Register work as expected from

The return_url is specified by ad_get_login_url

In this particular case, the return_url doesn't redirect back to the hostnode mapped domain, because many services break in that context. Instead, it serves the subsite via the main domain.

The login template etc are the default ones.

login.tcl has this slight change, to permit redirects back to the hostnode site:

<     if { [util::external_url_p $return_url] } {
<       ad_returnredirect -message "only urls with a valid host name are permitted" "."
>     set locations_list [security::locations]
>     # there may be as many as 3 valid full urls
>     set external_url [util_complete_url_p $return_url]
>     foreach location $locations_list {
>         set external_url [expr { $external_url && ![string match "$location/*" $return_url] } ] 
>     }
>     if { $external_url } {
>       ad_returnredirect -message "only urls without a host name are permitted" "."