[Zope] Forcing SSL
martin f krafft
madduck@madduck.net
Mon, 3 Feb 2003 16:34:49 +0100
--s/l3CgOIzMHHjg/5
Content-Type: text/plain; charset=iso-8859-15
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
also sprach Kevin Carlson <khcarlso@bellsouth.net> [2003.02.03.1610 +0100]:
> You could use apache virtual host directives to do this. Set up one=20
> virtual host using 443 and another using 80. They could point to the=20
> same place with one using ssl and the other unsecured. Search the=20
> archives for Apache Virtual Hosts use with Zope.
Please read my initial post:
> >I would like to force users to manage a Zope/Plone site through SSL,
> >and only through SSL. I have a site http://www.site.com:80, which is
> >also directly accessible as https://www.site.com:443.
This is already accomplished. My members can very well login and edit
the pages through SSL, but they can also do so through regular HTTP on
port 80. I don't want that. Only anonymous users may use port 80.
Non-anonymous users, and anyone accessing the login form, *must* be
going through port 443 with SSL!
Hope this is clearer.
--=20
martin; (greetings from the heart of the sun.)
\____ echo mailto: !#^."<*>"|tr "<*> mailto:" net@madduck
=20
NOTE: The pgp.net keyservers and their mirrors are broken!
Get my key here: http://people.debian.org/~madduck/gpg/330c4a75.asc
=20
"it is only the modern that ever becomes old-fashioned."=20
-- oscar wilde
--s/l3CgOIzMHHjg/5
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE+PowZIgvIgzMMSnURApzdAJ4tNF1HOYL3s79XHiHO3DFl0AuNXwCffj4h
OyjcRJCP5nRDepIZuLAfTOM=
=G+QU
-----END PGP SIGNATURE-----
--s/l3CgOIzMHHjg/5--