I think customizing the servlet is indeed your best bet, unless you want
to try to use a servlet filter ?
Regards,
Serge Huber.
[EMAIL PROTECTED] wrote:
One little problem is that I of course want to let people read links and
images which are linked on the web pages (doing a GET) but they have to do
a secured login with encrypted passwords and usernames. Currently I am
trying to subclass the Jahia Webdav servlet and return an error if someone
is doing a POST and is not using https as protocol?
Regards
/Lars Hagrot
CodeMonkey
<[EMAIL PROTECTED]
eturn.com.au> To
Sent by: news [email protected]
<[EMAIL PROTECTED] cc
rg>
Subject
Re: Secure webdav?
2005-11-08 20:10
Please respond to
<[EMAIL PROTECTED]
ia.org>
Lars,
I am not sure whether this will help, but take a look at ISAPI rewrite
(there is a free 'lite' version) at http://www.helicontech.com/ which
works much like apache mod_rewrite. This will allow you to rewrite URLs
dependent on the User-agent as well - so you could conceivably force
https on webdav for specific clients.
[EMAIL PROTECTED] wrote:
Hi!
For security reasons "some people" want to only use https for logged in
and edit mode in Jahia.
I have succeded to help them by using java script in the login.jsp file
and in common header jsp files which changes protocol if logged in or if
they want to logg in.
Now they want to force or ensure https also if they use an external
webdav client like windows file manager. Has anyone heard about such a
requirement and how to solv the problem. It would be nice if it could be
done by reconfigure jahias web.xml or tomcat.
They have to use IIS! ( This would not be any hard problem if they
could use Apache Web Server)
Regards
/Lars Hagrot
