Bug 40070

Summary: Self Service links to do not honor non-default ports
Product: UCS Reporter: Cornelius Kölbel <cornelius.koelbel>
Component: Self ServiceAssignee: Florian Best <best>
Status: CLOSED FIXED QA Contact: Daniel Tröder <troeder>
Severity: normal    
Priority: P5 CC: best, gohmann, walkenhorst
Version: UCS 4.1   
Target Milestone: UCS 4.1-0-errata   
Hardware: Other   
OS: Linux   
What kind of report is it?: --- What type of bug is this?: ---
Who will be affected by this bug?: --- How will those affected feel about the bug?: ---
User Pain: Enterprise Customer affected?:
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: Bug group (optional):
Max CVSS v3 score:
Attachments: patch

Description Cornelius Kölbel 2015-11-23 14:09:22 CET 
Hello,

I am accessing a UCS through a SSH tunnel, this is why I do not access it on the default port.

I access it like 

https://localhost:1443/ucs-overview/#service

When I click "change password" I am taken to 

https://localhost/univention-self-service/?lang=de-DE#passwordchange

which is not the same machine - if available at all.

I expect the non-default port to also be used.

Kind regards
Cornelius
Comment 1 Florian Best univentionstaff 2015-11-23 14:43:06 CET 
Created attachment 7316 [details]
patch

Well the ports are hardcoded in the UCR variables and a heuristic detects if the link should go to http or https. The patch checks if a different port is used than the default port for the current scheme and adjust the links in that case. It is a generic issue for every link on the ucs-overview.
Comment 2 Florian Best univentionstaff 2016-01-08 13:43:37 CET 
Applied the patch. This breaks links which aren't available in both HTTP and HTTPS as then the link is not available through the tunneled port. But that's the problem of the tunnel creator and a corner case which should not occur often.

univention-apache.yaml:
r66663 | YAML Bug #40070

univention-apache (8.0.1-4.254.201601081337):
r66662 | Bug #40070: don't rewrite port on ucs-overview if accessed via non default port
Comment 3 Daniel Tröder univentionstaff 2016-01-12 12:17:52 CET 
OK: Code
OK: manual test:
* ssh -L 10443:localhost:443 10.200.3.26
* access with Firefox https://localhost:10443/ucs-overview/
* before upgrade: link to password reset without port (https://localhost/univention-self-service/?lang=en-US#passwordreset)
* after upgrade: link to password reset contains port (https://localhost:10443/univention-self-service/?lang=en-US#passwordreset)
Comment 4 Janek Walkenhorst univentionstaff 2016-01-13 13:10:54 CET 
<http://errata.software-univention.de/ucs/4.1/48.html>