martin f krafft wrote:
also sprach Kevin Carlson <khcarlso@bellsouth.net> [2003.02.03.1610 +0100]:
You could use apache virtual host directives to do this. Set up one virtual host using 443 and another using 80. They could point to the same place with one using ssl and the other unsecured. Search the archives for Apache Virtual Hosts use with Zope.
Please read my initial post:
I would like to force users to manage a Zope/Plone site through SSL, and only through SSL. I have a site http://www.site.com:80, which is also directly accessible as https://www.site.com:443.
This is already accomplished. My members can very well login and edit the pages through SSL, but they can also do so through regular HTTP on port 80. I don't want that. Only anonymous users may use port 80. Non-anonymous users, and anyone accessing the login form, *must* be going through port 443 with SSL!
Hope this is clearer.
Maybe this thread http://mail.zope.org/pipermail/zope-dev/2003-January/018499.html helps you, esp. Dieter Maurer's last post there. It answers the question how to send a redirect to a https uri instead of a "forbidden" . HTH, oliver