Would it work if you carried the SSL through and continued the session?
On 1/24/06, David Pratt <[EMAIL PROTECTED]> wrote: > Hi Jens. I tried something similar to this about a year ago as an > experiment. I think the problem I had at the time with with session > expiring and I was thinking about storing the session data in the > database and retrieving it back when user went back to non-ssl. This was > a while ago and I did not follow it through at the time. I am use CMF > not Plone however. > > Regards, > David > > Jens Vagelpohl wrote: > > > > On 24 Jan 2006, at 18:10, David Pratt wrote: > > > >> I think this should be doable for single cert with multiple domains. > >> Setup you exising ip with one domain (ie. mysecure_domain.com). Get > >> the cert on this domain. > > > > > > <snip> > > > > Have you tested this? The authentication machinery uses cookies, and > > the browser will not send cookies that were set by the secure login > > host to the unsecured sites. > > > > jens > > > > _______________________________________________ > > Zope maillist - [email protected] > > http://mail.zope.org/mailman/listinfo/zope > > ** No cross posts or HTML encoding! ** > > (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce > > http://mail.zope.org/mailman/listinfo/zope-dev ) > > > _______________________________________________ > Zope maillist - [email protected] > http://mail.zope.org/mailman/listinfo/zope > ** No cross posts or HTML encoding! ** > (Related lists - > http://mail.zope.org/mailman/listinfo/zope-announce > http://mail.zope.org/mailman/listinfo/zope-dev ) > _______________________________________________ Zope maillist - [email protected] http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
