[Zope] Re: SSL over Multiple Zope/Plone sites?

michael nt milne michael.milne at gmail.com
Tue Jan 24 15:04:58 EST 2006


Ok thanks very much for this. Much appreciated.

On 1/24/06, michael nt milne <michael.milne at gmail.com> wrote:
> Would it work if you carried the SSL through and continued the session?
>
> On 1/24/06, David Pratt <fairwinds at eastlink.ca> wrote:
> > Hi Jens. I tried something similar to this about a year ago as an
> > experiment. I think the problem I had at the time with with session
> > expiring and I was thinking about storing the session data in the
> > database and retrieving it back when user went back to non-ssl. This was
> > a while ago and I did not follow it through at the time. I am use CMF
> > not Plone however.
> >
> > Regards,
> > David
> >
> > Jens Vagelpohl wrote:
> > >
> > > On 24 Jan 2006, at 18:10, David Pratt wrote:
> > >
> > >> I think this should be doable for single cert with multiple  domains.
> > >> Setup you exising ip with one domain (ie.  mysecure_domain.com). Get
> > >> the cert on this domain.
> > >
> > >
> > > <snip>
> > >
> > > Have you tested this? The authentication machinery uses cookies, and
> > > the browser will not send cookies that were set by the secure login
> > > host to the unsecured sites.
> > >
> > > jens
> > >
> > > _______________________________________________
> > > Zope maillist  -  Zope at zope.org
> > > http://mail.zope.org/mailman/listinfo/zope
> > > **   No cross posts or HTML encoding!  **
> > > (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
> > > http://mail.zope.org/mailman/listinfo/zope-dev )
> > >
> > _______________________________________________
> > Zope maillist  -  Zope at zope.org
> > http://mail.zope.org/mailman/listinfo/zope
> > **   No cross posts or HTML encoding!  **
> > (Related lists -
> >  http://mail.zope.org/mailman/listinfo/zope-announce
> >  http://mail.zope.org/mailman/listinfo/zope-dev )
> >
>


More information about the Zope mailing list