[Zope] SSL Redirect for CookieCrumbler

Josef Meile jmeile at hotmail.com
Fri Jun 16 06:54:20 EDT 2006


Dear Zopers

I need to redirect all my http requests to the login_form of the
CookieCrumble to https, so, I wrote this rule in apache:

RewriteRule ^/login/login_form(.*) https://server/login/login_form$1 [NE,L]

It authenticates me through ssl, but then it cames back to http. I saw that
the problem is that the came_from variable refers to the original http
request; something like this:

https://server/login/login_form?came_from=http%3A//server/page&retry=&disabl
e_cookie_login__=1

Is there any way of writing something like this in apache?

RewriteRule ^/login/login_form?came_from=http%3A(.*)
https://server/login/login_form?came_from=https%3A$1 [NE,L]

It is not working for me :-(. I even tried escaping the '%' with a backslash
like this:

RewriteRule ^/login/login_form?came_from=http\%3A(.*)
https://server/login/login_form?came_from=https%3A$1 [NE,L]

But Apache doesn't match the rule. What's wrong with that?

Anyway, another thing that bothers me about the last approach is that I even
don't know if there is always a "came_from" variable. Is this always the
case? Is there any other way of achieving this?

Regards
Josef


More information about the Zope mailing list