Hi David,
thank you for trying to help me.
I try now to better explain the issue.
Before the Secure URL chage was introduced, whenever I had to test my OFBiz
installation using unsecure only access,
I did set the port.https.enabled= 'N' in the url.properties file.
This was very usefull in several cases (ie firewalls only allowing http).
This only change was enough to have the complete OFBiz installation to
operate on http only (no https).
If I do the same now that the secure URL is there, I cannot avoid the use of
https.
How to gain again the easy (one single change in one single file) https
disable feature in OFBiz now?
Many thanks,
Angelo
Angelo Matarazzo wrote:
>
> Hello, Everyone
> I have seen the new security improvement, but I would like to know if
> there is a global property in order to ignore https="true" for every
> request.
>
> To ignore https in every controller.xml, I have set https=N in
> url.properties
> and I have also modified ConfigXml.java in this way
>
> - if (securityElement != null) {
> - this.securityHttps =
> "true".equals(securityElement.getAttribute("https"));
>
> + if (securityElement != null) {
> + this.securityHttps = false;
>
> So I don't use secure URLs.
> Waht do you think about global property and my solution?
> Any advice would be greatly appreciated.
> Thank you
>
--
View this message in context:
http://www.nabble.com/Problem-with-https-tp22810404p22845282.html
Sent from the OFBiz - User mailing list archive at Nabble.com.
