One little problem is that I of course want to let people read links and
images which are linked on the web pages (doing a GET) but they have to do
a secured login with encrypted passwords and usernames. Currently I am
trying to subclass the Jahia Webdav servlet and return an error if someone
is doing a POST and is not using https as protocol?
Regards
/Lars Hagrot
CodeMonkey
<[EMAIL PROTECTED]
eturn.com.au> To
Sent by: news [email protected]
<[EMAIL PROTECTED] cc
rg>
Subject
Re: Secure webdav?
2005-11-08 20:10
Please respond to
<[EMAIL PROTECTED]
ia.org>
Lars,
I am not sure whether this will help, but take a look at ISAPI rewrite
(there is a free 'lite' version) at http://www.helicontech.com/ which
works much like apache mod_rewrite. This will allow you to rewrite URLs
dependent on the User-agent as well - so you could conceivably force
https on webdav for specific clients.
[EMAIL PROTECTED] wrote:
> Hi!
>
> For security reasons "some people" want to only use https for logged in
> and edit mode in Jahia.
>
> I have succeded to help them by using java script in the login.jsp file
> and in common header jsp files which changes protocol if logged in or if
> they want to logg in.
>
> Now they want to force or ensure https also if they use an external
> webdav client like windows file manager. Has anyone heard about such a
> requirement and how to solv the problem. It would be nice if it could be
> done by reconfigure jahias web.xml or tomcat.
>
> They have to use IIS! ( This would not be any hard problem if they
> could use Apache Web Server)
>
> Regards
> /Lars Hagrot
