>
>
>
>> 2. With the SSL connector enabled, https://* is globally respected on the
>> entire webapp. Do I need to manually check the URL/protocol to deny or
>> redirect https to http outside of '/admin'? Is there any built in TC
>> mechanism or suggested best practice to handle this? or should I not care?
>>
>
> We use two-factor authentification with SSL - but I think in your case
> this can be helpful too - not a big difference.
> Try look at this:
>
> http://wiki.metawerx.net/wiki/ForcingSSLForSectionsOfYourWebsite
>
>>
>>
Arseny, thank you. I wasn't aware of the user-data-constraint
and transport-guarantee elements. I'll give them a try.
