tpac; improve ssl and authentication redirection
Create a better separation between pages the require SSL and those
that also require authentication. This change has a number of
beneficial side effects:
1. If a user is already logged in and is somehow redirected to the
non-SSL version of a page requiring SSL (via, for example, some external
link), they are simply taken to the SSL equivlent of the page first. If
they are found to be logged in, we're done. If not, they are directed to
the login page like usual.
2. password_reset page now requires SSL (but not auth, obviously)
3. Removed the unnecessary warning about logging out on a non-SSL
connection. We now redirect the user to the SSL version of logout so,
if they are in fact logged in, they can be successfully logged out.
Signed-off-by: Bill Erickson <berick@esilibrary.com>
Signed-off-by: Mike Rylander <mrylander@gmail.com>
projects / working / Evergreen.git / commit