I need to redirect all my http requests to the login_form of the CookieCrumbler to https, so I wrote this rule in Apache:
RewriteRule ^/login/login_form(.*) https://server/login/login_form$1 [NE,L]
It authenticates me through ssl, but then it comes back to http. I saw that the problem is that the came_from variable refers to the original http request; something like this:
https://server/login/login_form?came_from=http%3A//server/page&retry=&disable_cookie_login__=1
Ok, finally I found a way of correcting this behavior without modifying my original RewriteRule. I added a new boolean attribute to the CookieCrumbler class: "ssl_redirect". If it is set, then the http part in the came_from variable will be replaced by https. All this would be done inside the getUnauthorizedURL method of the CookieCrumbler class (See the attachment). If you think there is a better way of doing this, please let me know.
Regards
Josef
Note: The patch was done for the CookieCrumbler v1.2
diff -Naur CookieCrumbler_old/CookieCrumbler.py CookieCrumbler_new/CookieCrumbler.py --- CookieCrumbler_old/CookieCrumbler.py 2004-06-14 18:34:36.000000000 +0200 +++ CookieCrumbler_new/CookieCrumbler.py 2006-06-16 17:34:04.000000000 +0200 @@ -83,6 +83,9 @@ 'label':'Use cookie paths to limit scope'}, {'id':'cache_header_value', 'type': 'string', 'mode':'w', 'label':'Cache-Control header value'}, + #SSL Redirection from Josef Meile + {'id':'ssl_redirect', 'type': 'boolean', 'mode':'w', + 'label':'Use ssl after login'}, ) auth_cookie = '__ac' @@ -95,6 +98,9 @@ local_cookie_path = 0 cache_header_value = 'no-cache' + #Patch from Josef Meile + ssl_redirect = 0 + security.declarePrivate('delRequestVar') def delRequestVar(self, req, name): # No errors of any sort may propagate, and we don't care *what* @@ -315,6 +321,11 @@ came_from = req.get('came_from', None) if came_from is None: came_from = req.get('URL', '') + + #Patch from Josef Meile in order to redirect to ssl if using http + if self.ssl_redirect and came_from.startswith('http:'): + came_from = 'https' + came_from[4:] + query = req.get('QUERY_STRING') if query: # Include the query string in came_from 
@@ -371,6 +382,14 @@ return p.get('label', id) return id + #Patch from Josef Meile + def __setstate__(self,state): + #This method adds new attributes and deletes old ones each time + #that you view old instances of the class + Folder.__setstate__(self,state) + if not hasattr(self,'ssl_redirect'): + self.ssl_redirect = 0 + Globals.InitializeClass(CookieCrumbler)
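Review bot: In the "@@ -83,6 +83,9 @@" hunk the property label 'Use ssl after login' overstates what the flag does: the only behaviour the patch attaches to ssl_redirect is rewriting the scheme of came_from, and nothing here forces the login itself or later requests onto https. Suggest a label that names the actual effect, for example 'Rewrite came_from to https', and moving the '#SSL Redirection from Josef Meile' attribution out of the code and into the change log.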
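Review bot: In the "@@ -315,6 +321,11 @@" hunk the test came_from.startswith('http:') is a case-sensitive prefix match on a value that can come straight from the request (req.get('came_from', None)), so a value starting with 'HTTP:' stays on plain http, while any lower-case http URL is upgraded as it stands, including one that carries an explicit port or names a different host. Suggest parsing came_from, comparing the scheme case-insensitively, and rewriting only when the host is this server, handling an explicit port in the same step.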
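Review bot: In the "@@ -371,6 +382,14 @@" hunk the __setstate__ override looks redundant: the "@@ -95,6 +98,9 @@" hunk already adds the class-level default ssl_redirect = 0, so hasattr(self,'ssl_redirect') is true for old instances as well and the assignment self.ssl_redirect = 0 is never reached. Suggest dropping the method; if it stays, its comment should not say it "deletes old ones", since nothing in the body deletes an attribute.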