Enabling redirection on forbidden access with self-protected Portal URLs leads to an endless loop
Concerned version
Version: %2.0.X
Platform: All
Summary
Enable CheckUser or TOTP & Redirect on forbidden (Handler redirections)
Set rules like this:
auth.example.com/checkuser => $uid eq 'rtyler'
auth.example.com/2fregisters => $uid eq 'rtyler'
Reload conf and log in as 'dwho'.
Try to access /checkuser or /2fregisters: an infinite loop occurs or the session is killed:
Logs
[Fri Apr 10 14:00:18 2020] [LLNG:21142] [debug] Get session 0b49762ab2e252012e2d97e852241d6035a89c814c72a230e93c93fd37739311 from Handler internal cache
[Fri Apr 10 14:00:18 2020] [LLNG:21142] [debug] No URL authentication level found...
[Fri Apr 10 14:00:18 2020] [LLNG:21142] [debug] Regexp "New rule" match
[Fri Apr 10 14:00:18 2020] [LLNG:21142] [notice] User dwho was forbidden to access to auth.example.com/2fregisters
[Fri Apr 10 14:00:18 2020] [LLNG:21142] [debug] [notice] User dwho was forbidden to access to auth.example.com/2fregisters
[Fri Apr 10 14:00:18 2020] [LLNG:21142] [debug] Use redirect for forbidden access
[Fri Apr 10 14:00:18 2020] [LLNG:21142] [debug] Build URL http://auth.example.com:19876/2fregisters
[Fri Apr 10 14:00:18 2020] [LLNG:21142] [debug] Redirect 127.0.0.1 to lmError (url was /2fregisters)
[Fri Apr 10 14:00:18 2020] [LLNG:21142] [debug] User not authenticated, Try in use, cancel redirection
[Fri Apr 10 14:00:18 2020] [LLNG:21142] [debug] Start routing 2fregisters
[Fri Apr 10 14:00:18 2020] [LLNG:21142] [debug] Processing controlUrl
[Fri Apr 10 14:00:18 2020] [LLNG:21142] [debug] Processing code ref
[Fri Apr 10 14:00:18 2020] [LLNG:21142] [debug] Processing code ref
[Fri Apr 10 14:00:18 2020] [LLNG:21142] [debug] Launching ::Plugins::AutoSignin::check
[Fri Apr 10 14:00:18 2020] [LLNG:21142] [debug] Processing extractFormInfo
[Fri Apr 10 14:00:18 2020] [LLNG:21142] [debug] Prepare token
[Fri Apr 10 14:00:18 2020] [LLNG:21142] [debug] Token 1586448138_64594 created
[Fri Apr 10 14:00:18 2020] [LLNG:21142] [debug] Returned error: 1 (PE_SESSIONEXPIRED)
[Fri Apr 10 14:00:18 2020] [LLNG:21142] [debug] Display type standardform
[Fri Apr 10 14:00:18 2020] [LLNG:21142] [debug] Skin returned: login
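
To spot this failure in existing logs, the sequence above (forbidden notice, "Use redirect for forbidden access", then PE_SESSIONEXPIRED in the same process, on the portal's own virtual host) can be matched per PID. The script below is an added example, not LemonLDAP::NG code; the function name, the `portal_host` parameter and the sample lines are assumptions made for illustration.

```python
import re

# Log line layout seen in the report: [timestamp] [LLNG:pid] [level] message
LINE = re.compile(r"^\[(?P<ts>[^\]]+)\] \[LLNG:(?P<pid>\d+)\] \[\w+\] (?P<msg>.*)$")
FORBIDDEN = re.compile(
    r"User (?P<user>\S+) was forbidden to access to (?P<host>[^/\s]+)(?P<path>/\S*)")

def find_portal_redirect_failures(lines, portal_host):
    """Return (timestamp, user, path) for each chain, per handler process, of
    forbidden -> 'Use redirect for forbidden access' -> PE_SESSIONEXPIRED
    where the forbidden URL is on the portal's own virtual host."""
    pending = {}    # pid -> last forbidden request seen for that process
    findings = []
    for raw in lines:
        m = LINE.match(raw.strip())
        if not m:
            continue
        pid, msg = m["pid"], m["msg"]
        hit = FORBIDDEN.search(msg)
        if hit:
            pending[pid] = dict(ts=m["ts"], redirected=False, **hit.groupdict())
        elif pid in pending and msg == "Use redirect for forbidden access":
            pending[pid]["redirected"] = True
        elif pid in pending and "PE_SESSIONEXPIRED" in msg:
            p = pending.pop(pid)
            if p["redirected"] and p["host"] == portal_host:
                findings.append((p["ts"], p["user"], p["path"]))
    return findings

# Constructed sample: the first four lines are abridged from the report above,
# the last three are invented to show that a non-portal vhost is not flagged.
SAMPLE = """\
[Fri Apr 10 14:00:18 2020] [LLNG:21142] [notice] User dwho was forbidden to access to auth.example.com/2fregisters
[Fri Apr 10 14:00:18 2020] [LLNG:21142] [debug] Use redirect for forbidden access
[Fri Apr 10 14:00:18 2020] [LLNG:21142] [debug] Redirect 127.0.0.1 to lmError (url was /2fregisters)
[Fri Apr 10 14:00:18 2020] [LLNG:21142] [debug] Returned error: 1 (PE_SESSIONEXPIRED)
[Fri Apr 10 14:05:02 2020] [LLNG:21150] [notice] User dwho was forbidden to access to test1.example.com/admin
[Fri Apr 10 14:05:02 2020] [LLNG:21150] [debug] Use redirect for forbidden access
[Fri Apr 10 14:05:02 2020] [LLNG:21150] [debug] Returned error: 1 (PE_SESSIONEXPIRED)
""".splitlines()

if __name__ == "__main__":
    for ts, user, path in find_portal_redirect_failures(SAMPLE, "auth.example.com"):
        print(f"{ts}: {user} hit the forbidden-redirect failure on portal path {path}")
```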