[TYPO3-english] RSA Auth and Problems using proper Caching
Helmut Hummel
helmut.hummel at typo3.org
Mon Jun 18 23:53:26 CEST 2012
On 18.06.12 08:47, Kay Strobach wrote:
> Hallo Guys,
>
> I'm pretty sure, that some of you also got the weird behaviour of
> rsaauth with proper set cache headers?
>
> http://www.typo3-media.com/blog/website-caching-login.html
> -> Problem 2
>
> I created a Forge Issue for that:
>
> http://forge.typo3.org/issues/37421
>
> The solution should be quite easy for someone who is in the code of rsaauth.
>
> The public key needs to be transfered using uncached ajax.
I think the best solution would be to fetch the key via ajax right
before submitting the form (override the form submit with JS)
The problem is not so much rsaauth but having a place for the backend
code for the ajax call. Maybe eID for the felogin and ajax.php for the
backend login?
Kind regards,
Helmut
--
Helmut Hummel
Release Manager TYPO3 6.0
TYPO3 Core Developer, TYPO3 Security Team Leader
TYPO3 .... inspiring people to share!
Get involved: typo3.org
More information about the TYPO3-english
mailing list