- **status**: code-review --> in-progress - **Comment**: It does not work for me with sfx auth provider. I'm getting redirects to a login page trying to access something unavailable to unauthenticated user (e.g. `/p/test/admin`) and login page says I am already logged in to SourceForge.
It works with ldap provider, though. I guess, since we going to switch sf auth to allura auth soon, that's ok? If it is you can merge this, looks fine to me. --- ** [tickets:#7732] Be able to use secure cookies and SSLMiddleware ** **Status:** in-progress **Milestone:** forge-oct-17 **Created:** Thu Oct 02, 2014 02:23 PM UTC by Dave Brondsema **Last Updated:** Fri Oct 10, 2014 12:39 PM UTC **Owner:** Dave Brondsema `SSLMiddleware` currently has some SourceForge-specific bits that we should factor out, so anyone can use it. We should also support secure session cookies, and do so in a way that works with mixed http/https usage. E.g. with a non-secure cookie that acts as a flag indicating a secure session is available and the app can redirect from http->https. --- Sent from sourceforge.net because [email protected] is subscribed to https://sourceforge.net/p/allura/tickets/ To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/allura/admin/tickets/options. Or, if this is a mailing list, you can unsubscribe from the mailing list.
