Community
Participate
Working Groups
We should remove the "continue" page when a user is trying to login to eclipse.org. If the user is currently not logged in, we need to display the login form. If the user successfully logged in, we should automatically redirect the user back to where he was. Also, if the user is currently logged in, we shouldn't require them to login again. We should redirect the user back to where he was without showing a page from https://dev.eclipse.org/site_login/
(In reply to Christopher Guindon from comment #0) > We should remove the "continue" page when a user is trying to login to > eclipse.org. Agreed. Could there be any security or usability implications of doing this? I'd have to re-read the post/redirect/get methodologies... en.wikipedia.org/wiki/Post/Redirect/Get > If the user is currently not logged in, we need to display the login form. > > If the user successfully logged in, we should automatically redirect the > user back to where he was. > > Also, if the user is currently logged in, we shouldn't require them to login > again. We should redirect the user back to where he was without showing a > page from https://dev.eclipse.org/site_login/ Didn't you open other bugs to address these issues? If not, I think you should, it's easier to address issues when they pertain to only one thing.
I get the feeling this bug is a contributing factor to bug 430302 - Keep getting asked to login Please review: https://git.eclipse.org/r/27995
> https://git.eclipse.org/r/27995 Abandoned. I need to tighten up bug 421097, and catch the use-case where there is no continue button (ie, you enter https://dev.eclipse.org/site_login manually or from bookmark). Thanks to Matt for the nudge offline.
> Abandoned. I need to tighten up bug 421097, and catch the use-case where > there is no continue button (ie, you enter > https://dev.eclipse.org/site_login manually or from bookmark). Both of those issues should be addressed by: https://git.eclipse.org/r/28494
The continue button is gone. If you weren't asked to log in from another place, you land on your My Account profile. Otherwise, you are redirected to the $takemeback site to finish authentication. This should make authentication much less error-prone.