[login] don't redirect to http url if we allow anonymous on https
Closes #2583913
--- a/web/views/basetemplates.py Mon Feb 25 11:34:58 2013 +0100
+++ b/web/views/basetemplates.py Thu Jan 24 10:28:49 2013 +0100
@@ -498,7 +498,7 @@
if config['auth-mode'] != 'http':
self.login_form(id) # Cookie authentication
w(u'</div>')
- if self._cw.https and config.anonymous_user()[0]:
+ if self._cw.https and config.anonymous_user()[0] and config['https-deny-anonymous']:
path = xml_escape(config['base-url'] + self._cw.relative_path())
w(u'<div class="loginMessage"><a href="%s">%s</a></div>\n'
% (path, self._cw._('No account? Try public access at %s') % path))