Hey Stas,
> > So, I am running a mod_perl/mod_ssl enabled Apache web server.
> > The home page (and several other unprotected pages) need to listen on both
> > the encrypted port 443 and non-encrypted port 80. However, I would like
> > to force all authentication requests to go through the encrypted side so
> > the passwords is never passed in plain text.
> >
> > In the past I have done this by adding a mod_rewrite for each area
> > which I knew was protected. Is there any way I can do this in a more
> > dynamic fashion?
>
> You are having front/end-back setup, right? If so:
> http://thingy.kcilink.com/modperlguide/config/Knowing_the_proxy_pass_ed_Connec.html
Actually no, we had not yet setup the frontend/backend thing yet. I was
more hoping we could do this with either a
PerlTransHandler
or by adding logic to my Apache::Authen handler. Any hope, or do we need
to go to the frontend/backend setup to do this?
Thanks,
Joshua