Hi
Got a question about the use of SSL in the
AuthenticationProcessingFilterEntryPoint config. (acegi 1.0.2)
We have a webapp sitting on our server that resides on a domain url like
foo.bar.com
For various reasons I have no control over, the SSL certificate is registered
against secure.bar.com which points to the same machine.
In my acegi entry point config I have:
<bean id="exceptionTranslationFilter"
class="org.acegisecurity.ui.ExceptionTranslationFilter">
<property name="authenticationEntryPoint">
<bean
class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
<property name="loginFormUrl" value="/ourwebapp/dis/login.jsp?errcode=1"/>
<property name="forceHttps" value="true"/>
</bean>
</property>
<property name="accessDeniedHandler">
<bean class="com.foo.webapp.filter.AccessDeniedHandler">
<property name="errorPage" value="/ourwebapp/dis/login.jsp?errcode=2"/>
</bean>
</property>
</bean>
In the setup above, when a login is triggered, it requires SSL and modifies
http to https, but the browser pops a warning saying that the SSL cert is for
secure.bar.com not foo.bar.com.
I tried making the loginFormUrl parameter absolute but that didn't do the right
thing either.
Is there a way around this? The webapp itself does not need SSL beyond the
login step, and we must remain on foo.bar.com as an address.
Tim
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Home: http://acegisecurity.org
Acegisecurity-developer mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
