[opencms-dev] Delivering site with http and https

] Code Create [ Bernd Wolfsegger ocms at code-create.de
Mon Jan 3 14:56:12 CET 2011 

Hi Florian,

o.k. now I understand your problem.
Well, I don't use this secure file stuff at all in my configurations, though naturally I use always cms.link.
So, I have the link to the secured area dynamically coded as https link in the JSP (if you're logged in it gets a "logout" link).
Additionally I use "Base href", which I set to https if somebody is logged in (no guest user) and to http if not (guest user) (but maybe that's not necessary; just noted that I did it actually this way...).
I also access my OpenCms workplace via https without having a special server entry.

Looks something like that:

    <sites>
      <workplace-server>https://workplace.com</workplace-server>
      <default-uri>/sites/workplace/</default-uri>
      <site server="http://mysite.de" uri="/sites/mysite/">
		<secure server="https://mysite.de"/>
		<alias server="http://mysite.com"/>
		<alias server="http://mysite.fr"/>
		<alias server="http://aliassite.de"/>
      </site>
      <site server.... />
	.
	.
	.
    </sites>

Maybe I did it that way some time ago, because of the limitations of this OpenCms secure stuff.

If anybody knows a way the to get the secure stuff working the way we like it going the opencms way I would be interested too :-).

Kind regards, Bernd

> -----Ursprüngliche Nachricht-----
> Von: opencms-dev-bounces at opencms.org [mailto:opencms-dev-
> bounces at opencms.org] Im Auftrag von Florian Hopf
> Gesendet: Montag, 3. Januar 2011 14:18
> An: The OpenCms mailing list
> Betreff: Re: [opencms-dev] Delivering site with http and https
> 
> Hi Bernd,
> 
> thanks for your reply.
> 
> ] Code Create [ Bernd Wolfsegger schrieb:
> > perhaps I don't understand your problem correctly, but if you use
> relative
> > links only on your site and no base href to some http, you should stay
> https
> > if you are on a https page with relative links on it.
> > That’s completely independent from Opencms.
> >
> 
> You are right, this would work. But it doesn't when you use <cms:link>
> which prepends the http-server prefix for any links to non secure
> resources if you are on the secured page.
> 
> My understanding is that the secure-machanism is similar to the
> multisite behaviour: If you access a resource that is marked as secure,
> the special secure server/site is used. If you access a resource that
> isn't marked as secure the default site server is used. And when
> switching between two sites cms:link results in an absolute url.
> 
> Regards
> Florian
> 
> > Kind regards, Bernd
> >
> >> -----Ursprüngliche Nachricht-----
> >> Von: opencms-dev-bounces at opencms.org [mailto:opencms-dev-
> >> bounces at opencms.org] Im Auftrag von Florian Hopf
> >> Gesendet: Montag, 3. Januar 2011 12:05
> >> An: The OpenCms mailing list
> >> Betreff: [opencms-dev] Delivering site with http and https
> >>
> >> Hi,
> >>
> >> I'd like to deliver a site using http but when a user logs in it
> should
> >> switch to https and stay on https. What's the best way of doing this?
> >>
> >> I tried setting my login jsp as a secure resource and added the https
> >> server as alias. The login works ok but when I navigate to a resource
> >> that is not marked as secure it switches back to http and the login
> is
> >> lost as the cookie is only valid for https.
> >>
> >> Is it possible to do something like this using the OpenCms
> mechanisms?
> >>
> >> Regards
> >> Florian
> >>
> >>
> >> _______________________________________________
> >> This mail is sent to you from the opencms-dev mailing list
> >> To change your list options, or to unsubscribe from the list, please
> >> visit
> >> http://lists.opencms.org/mailman/listinfo/opencms-dev
> >
> >
> > _______________________________________________
> > This mail is sent to you from the opencms-dev mailing list
> > To change your list options, or to unsubscribe from the list, please
> visit
> > http://lists.opencms.org/mailman/listinfo/opencms-dev
> 
> 
> --
> /**
>  * Florian Hopf
>  * Synyx GmbH & Co. KG
>  * OpenSource Solutions
>  * Karlstr. 68
>  * 76137 Karlsruhe
>  * phone  +49(0)721 911 83 03
>  * fax   +49(0)721 66 48 877
>  * www   http://www.synyx.de
>  * blog  http://blog.synyx.de
>  * blog  http://mobile.synyx.de
>  * forum http://www.opencms-forum.de
>  * irc   irc://irc.synyx.de
>  *
>  * Sitz der Gesellschaft: Karlsruhe
>  * Registergericht: Mannheim
>  * Handelsregisternummer: HRA 4793
>  * USt-IdNr.: DE249264296
>  *
>  * Komplementärin: Elatech Verwaltungs GmbH
>  * Sitz der Gesellschaft: Karlsruhe
>  * Geschäftsführer: Markus Daniel
>  * Registergericht: Mannheim
>  * Handelsregisternummer: HRB 7250
>  */
> 
> _______________________________________________
> This mail is sent to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please
> visit
> http://lists.opencms.org/mailman/listinfo/opencms-dev

More information about the opencms-dev mailing list