User Security Manager
usersecuritymanage
Gravatar is a globally recognized avatar based on your email address. usersecuritymanage
  Jim Monte
  All
  May 13, 2020 @ 10:42am

http / https

this is the genterated link to recover password http://

http://telcogeardev.com/autosales/usermanager/RecoverPassword.usm?id=FDTsFefnA5Na6JKZ "I clicked the link in the email" got a page not found..

should be

https://telcogeardev.com/autosales/usermanager/RecoverPassword.usm?id=FDTsFefnA5Na6JKZ

Does the security manager have a setting in it or should usersecurity manager have made it https but didn't?

Jim

Gravatar is a globally recognized avatar based on your email address. re: usersecuritymanage
  Rick Strahl
  Jim Monte
  May 13, 2020 @ 12:38pm

It should auto-resolve that based on the current page that precipitated the email request.

However, make sure you grab the very latest download of the Web Connection Release. This was one of the bits fixed in the update... (wwRequest::ResolveServerUrl()).

+++ Rick ---

Gravatar is a globally recognized avatar based on your email address. re: usersecuritymanage
  Jim Monte
  Rick Strahl
  May 13, 2020 @ 02:04pm

ok.. Thanks Rick... will download it tonight..

Gravatar is a globally recognized avatar based on your email address. re: usersecuritymanage
  Jim Monte
  Rick Strahl
  May 13, 2020 @ 02:44pm

downloaded the latest wc712.. installed.. recompile project.. ran it again.. Still using http..

For the time being.. should I check the url, if its http reroute to https?

if there a way in IIS to route all http to https?

Jim

Gravatar is a globally recognized avatar based on your email address. re: usersecuritymanage
  Rick Strahl
  Jim Monte
  May 13, 2020 @ 02:49pm

Make sure you recompile your PRG files in the classes folder to see the latest changes if you installed ontop of your old installation.

Step into the code for the Process.ResolveServerUrl() and Request.isLinkSecure() and see what you get. This should pick up the secure status of the URL.

+++ Rick ---

Gravatar is a globally recognized avatar based on your email address. re: usersecuritymanage
  Jim Monte
  Rick Strahl
  May 13, 2020 @ 03:11pm

after looking closer as the class prgs.. they are still dated 05/08/2020 .. You sure the webconnection.zip has been updated.. I downloaded what I already had..

Gravatar is a globally recognized avatar based on your email address. re: usersecuritymanage
  Rick Strahl
  Jim Monte
  May 13, 2020 @ 03:27pm

Hmmm... looks like this got fixed, but with a bug 😃

Replace this function this in wwProcess.prg:

************************************************************************
* wwProcess :: ResolveServerUrl
****************************************
***  Function: Returns a fully qualified URL from a URL with ~ start
***    Assume:
***      Pass: lcUrl    -  Virtual URL that includes ~ 
***            lcPrefix -  http or https
***    Return:
************************************************************************
FUNCTION ResolveServerUrl(lcUrl, lcPrefix)
LOCAL llIsHttps, lcPrefix

IF lcUrl != "~"
   RETURN lcURL
ENDIF

llIsHttps = this.oRequest.IsLinkSecure()

IF (llIsHttps)
   lcPrefix = "https"
ELSE
   lcPrefix = "http"
ENDIF

lcUrl = this.ResolveUrl(lcUrl)  
lcUrl = lcPrefix + "://" + Request.GetServerName() + lcUrl
RETURN lcUrl
ENDFUNC
*  wwProcess :: ResolveUrl

+++ Rick ---

Gravatar is a globally recognized avatar based on your email address. re: usersecuritymanage
  Jim Monte
  Rick Strahl
  May 13, 2020 @ 04:06pm

I added a URL Rewrite in IIS.. redirects http to https.. so it works now..

Jim

Gravatar is a globally recognized avatar based on your email address. re: usersecuritymanage
  Jim Monte
  Rick Strahl
  May 13, 2020 @ 04:08pm

ok.. trying it now

© 1996-2020