[TYPO3-core] RFC: #10467: AJAX relogin does not work

[Oliver Hader]

Hi Steffen,

Steffen Kamper schrieb:
> Hi,
> 
> today i found time to finish the last part.
> 
> For auth services that add javascript to loginform, or openID which uses
> identifier for username and redirect, the AJAX loginrefresh box doesn't
> work. So i added a config var that configure the following behaviour:
> * after timeout < 120 show the progressbar (30sec)
> * after this open popup login window for refresh login
> 
> If successfull logged in in popup, the popup starts the timer and closes.
> 
> The configuration is a simple var in ext_localconf:
> $TYPO3_CONF_VARS['BE']['showRefreshLoginPopup'] = 1;

Thanks for your work on this issue. However, I've some remarks:
* the showRefreshLoginPopup is not a configuration that can be defined
via install tool - it's more a runtime setting and should go to a
different variable (T3_VAR?)
* OpenId: Showing the popup browser window should only happen, when the
user of the just expired session could use an OpenId to login
* RSAAuth: Showing the popup browser window should only happen, when the
loginSecurityLevel was set to 'rsa' and RSAAuth is installed
* However, I uninstalled rsaauth and openid and set my
loginSecurityLevel to nothing ('') - I was not able to relogin. The POST
data submitted via AJAX had a challenge and hashed userident as
expected. Hm...

olly
-- 
Oliver Hader
TYPO3 Release Manager 4.3