##// END OF EJS Templates
jro_apps » redmine
RSS
Ported the session_store.rb generation task from trunk....
Eric Davis -
r2940:638a9a264a89
parent child
Show More
Side by Side Unified
Context file:
r2940:638a9a264a89 Loading diff...:
Show file before | Show file after | Hide comments
@@ -0,0 +1,24
1 desc 'Generates a configuration file for cookie store sessions.'
2
3 file 'config/initializers/session_store.rb' do
4 path = File.join(RAILS_ROOT, 'config', 'initializers', 'session_store.rb')
5 secret = Rails::SecretKeyGenerator.new(self).generate_secret[0,40]
6 File.open(path, 'w') do |f|
7 f.write <<"EOF"
8 # This file was generated by 'rake config/initializers/session_store.rb',
9 # and should not be made visible to public.
10 # If you have a load-balancing Redmine cluster, you will need to use the
11 # same version of this file on each machine. And be sure to restart your
12 # server when you modify this file.
13
14 # Your secret key for verifying cookie session data integrity. If you
15 # change this key, all old sessions will become invalid! Make sure the
16 # secret is at least 30 characters and all random, no regular words or
17 # you'll be exposed to dictionary attacks.
18 ActionController::Base.session = {
19 :session_key => '_redmine_session',
20 :secret => '#{secret}'
21 }
22 EOF
23 end
24 end
Show file before | Show file after | Hide comments
@@ -19,11 +19,17 require 'uri'
19 require 'cgi'
19 require 'cgi'
20
20
21 class ApplicationController < ActionController::Base
21 class ApplicationController < ActionController::Base
22 class MissingSessionSecret < Exception ; end
22 layout 'base'
23 layout 'base'
23
24
24 before_filter :user_setup, :check_if_login_required, :set_localization
25 before_filter :user_setup, :check_if_login_required, :set_localization
25 filter_parameter_logging :password
26 filter_parameter_logging :password
26 protect_from_forgery :secret => session.first[:secret]
27
28 if session.first[:secret].blank?
29 raise MissingSessionSecret, "Missing session secret. Please run 'rake config/initializers/session_store.rb' to generate one"
30 else
31 protect_from_forgery :secret => session.first[:secret]
32 end
27
33
28 include Redmine::MenuManager::MenuController
34 include Redmine::MenuManager::MenuController
29 helper Redmine::MenuManager::MenuHelper
35 helper Redmine::MenuManager::MenuHelper
Show file before | Show file after | Hide comments
@@ -30,7 +30,10 Optional:
30 rake db:migrate RAILS_ENV="production"
30 rake db:migrate RAILS_ENV="production"
31 It will create tables and an administrator account.
31 It will create tables and an administrator account.
32
32
33 5. Setting up permissions
33 5. Generate a session store secret. Run:
34 rake config/initializers/session_store.rb
35
36 6. Setting up permissions
34 The user who runs Redmine must have write permission on the following
37 The user who runs Redmine must have write permission on the following
35 subdirectories: files, log, tmp (create the last one if not present).
38 subdirectories: files, log, tmp (create the last one if not present).
36
39
@@ -39,13 +42,13 Optional:
39 sudo chown -R redmine:redmine files log tmp
42 sudo chown -R redmine:redmine files log tmp
40 sudo chmod -R 755 files log tmp
43 sudo chmod -R 755 files log tmp
41
44
42 6. Test the installation by running WEBrick web server:
45 7. Test the installation by running WEBrick web server:
43 ruby script/server -e production
46 ruby script/server -e production
44
47
45 Once WEBrick has started, point your browser to http://localhost:3000/
48 Once WEBrick has started, point your browser to http://localhost:3000/
46 You should now see the application welcome page
49 You should now see the application welcome page
47
50
48 7. Use default administrator account to log in:
51 8. Use default administrator account to log in:
49 login: admin
52 login: admin
50 password: admin
53 password: admin
51
54
General Comments 0
You need to be logged in to leave comments. Login now