On Tue, 2006-01-24 at 22:39, Matt Raible wrote:
On 1/24/06, Allen Gilliland [EMAIL PROTECTED] wrote:
Well, it works if all you do is start in http and login, but it doesn't
actually enforce the proper schemes. i.e. try hitting the root page of the
app under https and you'll see that it
On 1/25/06, Allen Gilliland [EMAIL PROTECTED] wrote:
On Tue, 2006-01-24 at 22:39, Matt Raible wrote:
On 1/24/06, Allen Gilliland [EMAIL PROTECTED] wrote:
Well, it works if all you do is start in http and login, but it doesn't
actually enforce the proper schemes. i.e. try hitting the
On Wed, 2006-01-25 at 10:02, Matt Raible wrote:
IMO, this isn't a show stopper because I believe that most folks will
either use 80/443 or 8080/8443.
sort of, but even with our current config it's not setup to properly force
all urls back to http except for the ones we list.
I only see this partially working. I get switching from http - https, but it
never switches back to http.
-- Allen
On Mon, 2006-01-23 at 21:47, Matt Raible wrote:
This seems to work - we might want to specify 80/443 and 8080/8443 as
the defaults and point users to security.xml if they'd
It worked for me on login. What ports are you using? Please provide
the steps to reproduce and I'll try to do so.
Matt
On 1/24/06, Allen Gilliland [EMAIL PROTECTED] wrote:
I only see this partially working. I get switching from http - https, but
it never switches back to http.
-- Allen
Well, it works if all you do is start in http and login, but it doesn't
actually enforce the proper schemes. i.e. try hitting the root page of the app
under https and you'll see that it won't redirect you back to http.
A typical example would be to hit the login link and get to the login page
Alright, well I've this again and I still can't get it to work, so unless
someone else can tackle this then I think the only alternative is to bring back
the old SchemeEnforcementFilter and not use Acegi's scheme switching.
-- Allen
On Tue, 2006-01-24 at 10:55, Allen Gilliland wrote:
Well,
I'll attempt to fix this tonight.
Matt
On 1/24/06, Allen Gilliland [EMAIL PROTECTED] wrote:
Well, it works if all you do is start in http and login, but it doesn't
actually enforce the proper schemes. i.e. try hitting the root page of the
app under https and you'll see that it won't
On 1/24/06, Allen Gilliland [EMAIL PROTECTED] wrote:
Well, it works if all you do is start in http and login, but it doesn't
actually enforce the proper schemes. i.e. try hitting the root page of the
app under https and you'll see that it won't redirect you back to http.
A typical example
I'll try to look at this tonight.
Matt
On 1/23/06, Allen Gilliland [EMAIL PROTECTED] wrote:
Matt,
there is currently still no way to set the ports that Acegi uses for it's
scheme enforcement. i think this is something that has to be done before we
can release 2.1.
i've tried looking at
This seems to work - we might want to specify 80/443 and 8080/8443 as
the defaults and point users to security.xml if they'd like to add
others. For the most part, I don't see why the above won't work for
folks, so I don't know if it's a good idea to add this in or not.
Index:
11 matches
Mail list logo