Commit 3169825a by Sarina Canelake

Merge pull request #7870 from mitocw/feature/cg/disable_ssl_cache

Remove anonymous caching when SSL is enabled
parents fad6ad77 681b9a5e
...@@ -2,6 +2,7 @@ ...@@ -2,6 +2,7 @@
Provides unit tests for SSL based authentication portions Provides unit tests for SSL based authentication portions
of the external_auth app. of the external_auth app.
""" """
import copy
import unittest import unittest
from django.conf import settings from django.conf import settings
...@@ -31,9 +32,12 @@ FEATURES_WITH_SSL_AUTH_AUTO_ACTIVATE = FEATURES_WITH_SSL_AUTH_IMMEDIATE_SIGNUP.c ...@@ -31,9 +32,12 @@ FEATURES_WITH_SSL_AUTH_AUTO_ACTIVATE = FEATURES_WITH_SSL_AUTH_IMMEDIATE_SIGNUP.c
FEATURES_WITH_SSL_AUTH_AUTO_ACTIVATE['BYPASS_ACTIVATION_EMAIL_FOR_EXTAUTH'] = True FEATURES_WITH_SSL_AUTH_AUTO_ACTIVATE['BYPASS_ACTIVATION_EMAIL_FOR_EXTAUTH'] = True
FEATURES_WITHOUT_SSL_AUTH = settings.FEATURES.copy() FEATURES_WITHOUT_SSL_AUTH = settings.FEATURES.copy()
FEATURES_WITHOUT_SSL_AUTH['AUTH_USE_CERTIFICATES'] = False FEATURES_WITHOUT_SSL_AUTH['AUTH_USE_CERTIFICATES'] = False
CACHES_ENABLE_GENERAL = copy.deepcopy(settings.CACHES)
CACHES_ENABLE_GENERAL['general']['BACKEND'] = 'django.core.cache.backends.locmem.LocMemCache'
@override_settings(FEATURES=FEATURES_WITH_SSL_AUTH) @override_settings(FEATURES=FEATURES_WITH_SSL_AUTH)
@override_settings(CACHES=CACHES_ENABLE_GENERAL)
class SSLClientTest(ModuleStoreTestCase): class SSLClientTest(ModuleStoreTestCase):
""" """
Tests SSL Authentication code sections of external_auth Tests SSL Authentication code sections of external_auth
......
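Review bot: The module-level `CACHES_ENABLE_GENERAL` override has no comment explaining why `SSLClientTest` needs a storing cache backend, so a later cleanup could drop it without noticing that the tests then stop exercising the cached-page path. I would add above it something like `# Use a real 'general' cache so these tests fail if a cached anonymous page short-circuits certificate login.` (presumably the test settings otherwise use a non-storing backend; confirm). The assignment also assumes `settings.CACHES` contains a `'general'` entry; where it does not, the module fails at import with a KeyError instead of failing inside a test. The class body continues outside the visible hunk.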
...@@ -8,6 +8,7 @@ not migrating so as not to inconvenience users by logging them all out. ...@@ -8,6 +8,7 @@ not migrating so as not to inconvenience users by logging them all out.
import urllib import urllib
from functools import wraps from functools import wraps
from django.conf import settings
from django.core import cache from django.core import cache
...@@ -49,7 +50,14 @@ def cache_if_anonymous(*get_parameters): ...@@ -49,7 +50,14 @@ def cache_if_anonymous(*get_parameters):
@wraps(view_func) @wraps(view_func)
def wrapper(request, *args, **kwargs): def wrapper(request, *args, **kwargs):
"""The inner wrapper, which wraps the view function.""" """The inner wrapper, which wraps the view function."""
if not request.user.is_authenticated(): # Certificate authentication uses anonymous pages,
# specifically the branding index, to do authentication.
# If that page is cached the authentication doesn't
# happen, so we disable the cache when that feature is enabled.
if (
not request.user.is_authenticated() and
not settings.FEATURES['AUTH_USE_CERTIFICATES']
):
# Use the cache. The same view accessed through different domain names may # Use the cache. The same view accessed through different domain names may
# return different things, so include the domain name in the key. # return different things, so include the domain name in the key.
domain = str(request.META.get('HTTP_HOST')) + '.' domain = str(request.META.get('HTTP_HOST')) + '.'
......
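Review bot: The new condition in `wrapper` indexes `settings.FEATURES['AUTH_USE_CERTIFICATES']` directly, so a configuration whose FEATURES dict lacks that key would raise KeyError on every anonymous request to a decorated view; `not settings.FEATURES.get('AUTH_USE_CERTIFICATES', False)` keeps the earlier caching behaviour when the flag is absent. The check is read per request inside `wrapper`, which is what allows `override_settings` to take effect in tests, so it should stay there and not be hoisted to decoration time. The comment names only the branding index, but the flag disables anonymous caching for every view wrapped by `cache_if_anonymous`; I would say so, e.g. `# Note: this turns off anonymous caching for all decorated views, not only the index page.` The rest of `wrapper` lies outside the hunk.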