[Seaside] Authentication task and https

Fri Oct 17 18:17:20 UTC 2008

No, as you surmise, it's only a preference and only used by
applications (all entry points in 2.9) and is therefore
application-wide. It's basically supposed to represent the "external
base url" of the application, when that is not the same as the base
url of the application within the squeak image.

If you're talking about wanting some part of your application to force
the use of SSL then that doesn't help but I think in most cases (if
you don't specify values for those parameters) it should just be
generating URLs like "/seaside/foo", which will maintain the hostname,
protocol, and port and should therefore keep using SSL until you
manually send it to an HTTP URL. When the session expires, you'd get
redirected back to the application entry point, which would be HTTP
again.

I think perhaps I don't quite understand what you're trying to
accomplish. Maybe you could give a more concrete example with what the
external and internal URLs are at various points?

Julian

On Fri, Oct 17, 2008 at 7:13 PM, Bill Schwab <BSchwab at anest.ufl.edu> wrote:
> Julian,
>
> Are there any restrictions on how or on which classes to set the
> protocol option?  So far, I have used #registerAsApplication: and then
> set preferences.  But unless I am missing something, I can't simply
> browse for implementers of #serverProtocol:.  Is there a way to set a
> protocol for something that does not deserve the label of "application"
> (which I read as entry point to Seaside)?  As an example, suppose I have
> a task to get a file name, ask for some text, perhaps present a form to
> edit it, and then #answer: a result of the interaction; how would I go
> about setting its server protocol without creating an entry point?
>
> Bill
>
>
>
>
> ==========================
> Julian Fitzell jfitzell at gmail.com
> Fri Oct 17 11:33:16 UTC 2008
>
> Sounds likely... the #serverXXX settings control the URLs that are
> generated by Seaside. If your application is running behind something
> like apache that makes the address different than what Seaside would
> expect, you should be setting those options.
>
> Julian
>
> On Thu, Oct 16, 2008 at 10:09 PM, Bill Schwab <BSchwab at anest.ufl.edu>
> wrote:
>> Hello all,
>>
>> I am working on my reference manager.  One of the first things I did
>> was create a task for authentication, and that works as intented: give
>> it a user name and password it likes, and you are in; it does not
> allow
>> users to register themselves, which is the intended behavior.
>>
>> Since I switched to https, I now note that timeouts (I think) result
> in
>> an http request which Apache is configured to ignore.  I probably just
>> need to set the #serverProtocol to 'https', but thought I should ask
>> first because I then have to explain why it works the first time
>> around.
>>
>> Any words of wisdom?
>>
>> Bill
>
> Wilhelm K. Schwab, Ph.D.
> University of Florida
> Department of Anesthesiology
> PO Box 100254
> Gainesville, FL 32610-0254
>
> Email: bschwab at anest.ufl.edu
> Tel: (352) 273-6785
> FAX: (352) 392-7029
>
> _______________________________________________
> seaside mailing list
> seaside at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
>