17 Jan
2003
17 Jan
'03
5:02 p.m.
Dieter Maurer wrote:
You might use a "SiteAccess" access rule.
Dieter, thanks for the suggestion. But I don't see how SiteAccess could help me here, maybe I'm missing something. Basically, what I want to do is to prevent zope from ever sending a unauthorized response to a clear text http request, instead it should send a redirect to a https://* URI, which would then send the unauthorized response, so that the browser dialog for basic authentication would only be trigger on a secure connection. I don't know where inside zope I could implement such a hook, that's why I posted here. cheers, oliver