[opencms-dev] SSL for workplace

RuiXian BAO ruixian.bao at gmail.com
Sat Oct 14 20:32:03 CEST 2006


Hello Christian,

On 10/14/06, Christian Steinert <christian_steinert at web.de> wrote:
>
> Hi List,
>
> I have searched for information about securing the workplace (but only
> the workplace) with SSL, yet I did not found any solutions.


I have used ssl for the workplace only on my own linux box on the Apache
part without observing any problem for several months. The only thing I need
to make my uploading still working is to make my Jvm to recognize my
self-signed cert, which should not be a problem for a cert signed by a
well-known organization.

If I remember correctly then with opencms5 there was a property-setting
> to disallow unencrypted workplace login. But I have not found such a
> setting anymore with opencms 6.


I have not used  opencms 5:)

How can I:
> 1. block workplace logins over unencryped http
> 2. still allow http for viewing the site through the same servlet context
>
> ___
>
> Is there any way to do this (at best without resorting to proxying)?


I have two virtual hosts on my apache server, one is workplace configured
for ssl, the other for normal end users. My solution is only for ssling at
apache part, nothing is done on the tomact part except configuring workplace
using https in the opencms-system.xml file, but this seems not to be a big
issue, since the apache and tomcat are located in the same box.

Best

- RuiXian

thanks a lot
> christian
>
>
>
>
>
> _______________________________________________
> This mail is sent to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please visit
> http://lists.opencms.org/mailman/listinfo/opencms-dev
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://webmail.opencms.org/pipermail/opencms-dev/attachments/20061014/001061ba/attachment.htm>


More information about the opencms-dev mailing list