Hi Jens. I tried something similar to this about a year ago as an
experiment. I think the problem I had at the time with with session
expiring and I was thinking about storing the session data in the
database and retrieving it back when user went back to non-ssl. This was
a while ago and I did not follow it through at the time. I am use CMF
not Plone however.
Regards,
David
Jens Vagelpohl wrote:
On 24 Jan 2006, at 18:10, David Pratt wrote:
I think this should be doable for single cert with multiple domains.
Setup you exising ip with one domain (ie. mysecure_domain.com). Get
the cert on this domain.
<snip>
Have you tested this? The authentication machinery uses cookies, and
the browser will not send cookies that were set by the secure login
host to the unsecured sites.
jens
_______________________________________________
Zope maillist - [email protected]
http://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )
_______________________________________________
Zope maillist - [email protected]
http://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )
