[Seaside] Secure login and unsecure app
Philippe Marschall
philippe.marschall at gmail.com
Sat Aug 11 19:11:54 UTC 2007
2007/8/11, Sebastian Sastre <ssastre at seaswork.com>:
> A perhaps simpler solution I can imagine is to put just the login component
> in another path than the rest of the application and manage that path to go
> to https with apache's RewriteRule. Something like:
>
> http://subdomain1.domain.com (the main usual seaside app)
> https://subdomain1.domain.com/login (the login only)
>
> What do you think? Is possible to mount a component in a sigtlhy different
> URL?
In theory yes, that's what Pier is doing. But that's tricky. You'd
have to use #updateUrl: #addToPath: and friends. Seriously it would be
much simpler (and safer) if you just put the whole application behind
https (you can make a redirect for those who come over http).
Cheers
Philippe
> thanks,
>
> Sebastian Sastre
>
>
> > -----Mensaje original-----
> > De: seaside-bounces at lists.squeakfoundation.org
> > [mailto:seaside-bounces at lists.squeakfoundation.org] En nombre
> > de Philippe Marschall
> > Enviado el: Sábado, 11 de Agosto de 2007 07:18
> > Para: Seaside - general discussion
> > Asunto: Re: [Seaside] Secure login and unsecure app
> >
> > 2007/8/10, Sebastian Sastre <ssastre at seaswork.com>:
> > >
> > >
> > > Hi there,
> > >
> > > how one make an apache or lighthttp configuration that makes a
> > > seaside app to make its login secure (https) and the rest
> > of the app
> > > insecure (http)?
> > >
> > > I've imagined by making two apps (one secured and other
> > insecure)
> > > the secured only for login.. but can the user session can be passed
> > > from one application to another?
> >
> > Not out of the box. You can experiment with switching the
> > application of a session or #call: to a new customized
> > WARenderLoop. No guaranties though that it works.
> >
> > Cheers
> > Philippe
> >
> > > cheers,
> > >
> > >
> > >
> > > Sebastian Sastre
> > >
> > >
> > >
> > > _______________________________________________
> > > Seaside mailing list
> > > Seaside at lists.squeakfoundation.org
> > > http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
> > >
> > >
> > _______________________________________________
> > Seaside mailing list
> > Seaside at lists.squeakfoundation.org
> > http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
>
> _______________________________________________
> Seaside mailing list
> Seaside at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
>
More information about the seaside
mailing list