We accomplish this within our Apache httpd service in front of
Tomcat. Basically I use mod_rewrite to force specific url's into http
or https. (for example:
## SSL Virtual Host Context
<VirtualHost 18.51.3.31:443>
...
RewriteEngine on
RewriteCond %{REQUEST_URI} !^/certificate-login.*
RewriteCond %{REQUEST_URI} !^/password-login.*
RewriteRule ^/(.*) http://%{HTTP_HOST}/$1 [L,R]
...
</VirtualHost>
<VirtualHost 18.51.3.31:80>
...
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/certificate-login.* [OR]
RewriteCond %{REQUEST_URI} ^/password-login.*
RewriteRule ^/(.*) https://%{HTTP_HOST}:443/$1 [L,R]
-Mark
On Jan 24, 2007, at 2:15 PM, John Preston wrote:
Can anyone tell me if it is possible to use https for just the
login steps and regualr unsecured http to access my dspace site. I
need to secure the login username/password phase but once logged in
I want to use the regular http so it is as fast as possible.
Mark R. Diggory
~~~~~~~~~~~~~
DSpace Systems Manager
MIT Libraries, Systems and Technology Services
Massachusetts Institute of Technology
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
DSpace-tech mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dspace-tech
