| @@ -0,0 +1,24 | |||
|
|
1 | desc 'Generates a configuration file for cookie store sessions.' | |
|
|
2 | ||
|
|
3 | file 'config/initializers/session_store.rb' do | |
|
|
4 | path = File.join(RAILS_ROOT, 'config', 'initializers', 'session_store.rb') | |
|
|
5 | secret = Rails::SecretKeyGenerator.new(self).generate_secret[0,40] | |
|
|
6 | File.open(path, 'w') do |f| | |
|
|
7 | f.write <<"EOF" | |
|
|
8 | # This file was generated by 'rake config/initializers/session_store.rb', | |
|
|
9 | # and should not be made visible to public. | |
|
|
10 | # If you have a load-balancing Redmine cluster, you will need to use the | |
|
|
11 | # same version of this file on each machine. And be sure to restart your | |
|
|
12 | # server when you modify this file. | |
|
|
13 | ||
|
|
14 | # Your secret key for verifying cookie session data integrity. If you | |
|
|
15 | # change this key, all old sessions will become invalid! Make sure the | |
|
|
16 | # secret is at least 30 characters and all random, no regular words or | |
|
|
17 | # you'll be exposed to dictionary attacks. | |
|
|
18 | ActionController::Base.session = { | |
|
|
19 | :session_key => '_redmine_session', | |
|
|
20 | :secret => '#{secret}' | |
|
|
21 | } | |
|
|
22 | EOF | |
|
|
23 | end | |
|
|
24 | end | |
| @@ -19,11 +19,17 require 'uri' | |||
|
|
19 | 19 | require 'cgi' |
|
|
20 | 20 | |
|
|
21 | 21 | class ApplicationController < ActionController::Base |
|
|
22 | class MissingSessionSecret < Exception ; end | |
|
|
22 | 23 | layout 'base' |
|
|
23 | 24 | |
|
|
24 | 25 | before_filter :user_setup, :check_if_login_required, :set_localization |
|
|
25 | 26 | filter_parameter_logging :password |
|
|
26 | protect_from_forgery :secret => session.first[:secret] | |
|
|
27 | ||
|
|
28 | if session.first[:secret].blank? | |
|
|
29 | raise MissingSessionSecret, "Missing session secret. Please run 'rake config/initializers/session_store.rb' to generate one" | |
|
|
30 | else | |
|
|
31 | protect_from_forgery :secret => session.first[:secret] | |
|
|
32 | end | |
|
|
27 | 33 | |
|
|
28 | 34 | include Redmine::MenuManager::MenuController |
|
|
29 | 35 | helper Redmine::MenuManager::MenuHelper |
| @@ -30,7 +30,10 Optional: | |||
|
|
30 | 30 | rake db:migrate RAILS_ENV="production" |
|
|
31 | 31 | It will create tables and an administrator account. |
|
|
32 | 32 | |
|
|
33 | 5. Setting up permissions | |
|
|
33 | 5. Generate a session store secret. Run: | |
|
|
34 | rake config/initializers/session_store.rb | |
|
|
35 | ||
|
|
36 | 6. Setting up permissions | |
|
|
34 | 37 | The user who runs Redmine must have write permission on the following |
|
|
35 | 38 | subdirectories: files, log, tmp (create the last one if not present). |
|
|
36 | 39 | |
| @@ -39,13 +42,13 Optional: | |||
|
|
39 | 42 | sudo chown -R redmine:redmine files log tmp |
|
|
40 | 43 | sudo chmod -R 755 files log tmp |
|
|
41 | 44 | |
|
|
42 |
|
|
|
|
45 | 7. Test the installation by running WEBrick web server: | |
|
|
43 | 46 | ruby script/server -e production |
|
|
44 | 47 | |
|
|
45 | 48 | Once WEBrick has started, point your browser to http://localhost:3000/ |
|
|
46 | 49 | You should now see the application welcome page |
|
|
47 | 50 | |
|
|
48 |
|
|
|
|
51 | 8. Use default administrator account to log in: | |
|
|
49 | 52 | login: admin |
|
|
50 | 53 | password: admin |
|
|
51 | 54 | |
General Comments 0
You need to be logged in to leave comments.
Login now