Uploaded image for project: 'eZ Publish / Platform'
  1. eZ Publish / Platform
  2. EZP-25505

UserHash is always generated for anonymous user

    Details

    • Type: Bug Bug
    • Status: Backlog
    • Priority: Blocker Blocker
    • Resolution: Unresolved
    • Affects Version/s: 2014.11, 2015.12.1, 16.02
    • Fix Version/s: None
    • Component/s: None
    • Labels:

      Description

      User hash generation process always returns the anonymous user hash. The problem is due to using /_fos_user_context_hash route for hash generation, which is excluded from siteaccess matching, which ultimately means that user will never be authenticated.

      This can be circumvented by using the original request URI when generating the hash, since FOS HTTP Cache bundle never did use /_fos_user_context_hash route to match the hash generation request, making it again possible to have a siteaccess match.

      EDIT: This also happens on 2014.11, but over there, the above doesn't help because this commit never ended up in 2014.11: https://github.com/ezsystems/ezpublish-kernel/commit/b4b02419847c991d24c5938962d83cda90aaca65 and role ID context hash provider uses the second "inherit" param.

        Issue Links

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              Edi Modrić
            • Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated: