osgeo.org change password not working

[robe]

As reported on - ​https://lists.osgeo.org/pipermail/sac/2019-May/010998.html

The page for changing one's own password that's linked off the profile page of www.osgeo.org, does not work, here's how to reproduce:

Go to ​https://www.osgeo.org/, click "Sign In" in top-right corner, sign in, you will land on the "Profile" page.

Scroll down a bit, under "About Yourself" there's a link that says

To change your OSGeo password, go to: ​https://id.osgeo.org/ldap/edit

That link returns HTTP status 403 Forbidden.

The (similar) reset link seems to work fine.

[robe]

The issue was that since I have id.osgeo.org on osgeo7 now, I had switched to using the http mode since nginx is handling the https.

But apache is still seeing the connection as http which evidentally this piece of code relies on it being https. I had similar issue with dev.osgeo.org and was able to resolve there by setting the

if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false)
       $_SERVER['HTTPS']='on';

​https://codex.wordpress.org/Administration_Over_SSL

The article says you can do something similar with the .htaccess file, but not quite sure where on the server this is.

So what I ended up doing is turning back on ssl mode and proxying thru ssl.

The certificate it is will expire today (but I don't think that muuch matters to it or nginx) since nginx trusts it and will ignore the expiredness and nthe client browser is responsible for checking the certificate is valid and will be given the valid letsencrypt nginx cert.