[opencms-dev] Delivering site with http and https

Florian Hopf hopf at synyx.de
Mon Jan 3 15:19:59 CET 2011 

Hi Bernd,

ok, I think this was really helpful :)

It seems to work if I don't add a secure server at all and manually post
my form to the secure url.

This is what my site configuration looks like now:

    <sites>
      <workplace-server>https://workplace.foo.bar</workplace-server>
      <default-uri>/sites/default/</default-uri>
      <site server="http://foo.bar" uri="/sites/default/">
        <alias server="https://foo.bar" />
      </site>
    </sites>

The login link statically points to the https server. The first quick
tests do look promising.

Thanks a lot
Florian

] Code Create [ Bernd Wolfsegger schrieb:
> Hi Florian,
> 
> o.k. now I understand your problem.
> Well, I don't use this secure file stuff at all in my configurations, though naturally I use always cms.link.
> So, I have the link to the secured area dynamically coded as https link in the JSP (if you're logged in it gets a "logout" link).
> Additionally I use "Base href", which I set to https if somebody is logged in (no guest user) and to http if not (guest user) (but maybe that's not necessary; just noted that I did it actually this way...).
> I also access my OpenCms workplace via https without having a special server entry.
> 
> Looks something like that:
> 
>     <sites>
>       <workplace-server>https://workplace.com</workplace-server>
>       <default-uri>/sites/workplace/</default-uri>
>       <site server="http://mysite.de" uri="/sites/mysite/">
> 		<secure server="https://mysite.de"/>
> 		<alias server="http://mysite.com"/>
> 		<alias server="http://mysite.fr"/>
> 		<alias server="http://aliassite.de"/>
>       </site>
>       <site server.... />
> 	.
> 	.
> 	.
>     </sites>
> 
> Maybe I did it that way some time ago, because of the limitations of this OpenCms secure stuff.
> 
> If anybody knows a way the to get the secure stuff working the way we like it going the opencms way I would be interested too :-).
> 
> Kind regards, Bernd
> 
>> -----Ursprüngliche Nachricht-----
>> Von: opencms-dev-bounces at opencms.org [mailto:opencms-dev-
>> bounces at opencms.org] Im Auftrag von Florian Hopf
>> Gesendet: Montag, 3. Januar 2011 14:18
>> An: The OpenCms mailing list
>> Betreff: Re: [opencms-dev] Delivering site with http and https
>>
>> Hi Bernd,
>>
>> thanks for your reply.
>>
>> ] Code Create [ Bernd Wolfsegger schrieb:
>>> perhaps I don't understand your problem correctly, but if you use
>> relative
>>> links only on your site and no base href to some http, you should stay
>> https
>>> if you are on a https page with relative links on it.
>>> That’s completely independent from Opencms.
>>>
>> You are right, this would work. But it doesn't when you use <cms:link>
>> which prepends the http-server prefix for any links to non secure
>> resources if you are on the secured page.
>>
>> My understanding is that the secure-machanism is similar to the
>> multisite behaviour: If you access a resource that is marked as secure,
>> the special secure server/site is used. If you access a resource that
>> isn't marked as secure the default site server is used. And when
>> switching between two sites cms:link results in an absolute url.
>>
>> Regards
>> Florian
>>
>>> Kind regards, Bernd
>>>
>>>> -----Ursprüngliche Nachricht-----
>>>> Von: opencms-dev-bounces at opencms.org [mailto:opencms-dev-
>>>> bounces at opencms.org] Im Auftrag von Florian Hopf
>>>> Gesendet: Montag, 3. Januar 2011 12:05
>>>> An: The OpenCms mailing list
>>>> Betreff: [opencms-dev] Delivering site with http and https
>>>>
>>>> Hi,
>>>>
>>>> I'd like to deliver a site using http but when a user logs in it
>> should
>>>> switch to https and stay on https. What's the best way of doing this?
>>>>
>>>> I tried setting my login jsp as a secure resource and added the https
>>>> server as alias. The login works ok but when I navigate to a resource
>>>> that is not marked as secure it switches back to http and the login
>> is
>>>> lost as the cookie is only valid for https.
>>>>
>>>> Is it possible to do something like this using the OpenCms
>> mechanisms?
>>>> Regards
>>>> Florian
>>>>
>>>>
>>>> _______________________________________________
>>>> This mail is sent to you from the opencms-dev mailing list
>>>> To change your list options, or to unsubscribe from the list, please
>>>> visit
>>>> http://lists.opencms.org/mailman/listinfo/opencms-dev
>>>
>>> _______________________________________________
>>> This mail is sent to you from the opencms-dev mailing list
>>> To change your list options, or to unsubscribe from the list, please
>> visit
>>> http://lists.opencms.org/mailman/listinfo/opencms-dev
>>
>> --
>> /**
>>  * Florian Hopf
>>  * Synyx GmbH & Co. KG
>>  * OpenSource Solutions
>>  * Karlstr. 68
>>  * 76137 Karlsruhe
>>  * phone  +49(0)721 911 83 03
>>  * fax   +49(0)721 66 48 877
>>  * www   http://www.synyx.de
>>  * blog  http://blog.synyx.de
>>  * blog  http://mobile.synyx.de
>>  * forum http://www.opencms-forum.de
>>  * irc   irc://irc.synyx.de
>>  *
>>  * Sitz der Gesellschaft: Karlsruhe
>>  * Registergericht: Mannheim
>>  * Handelsregisternummer: HRA 4793
>>  * USt-IdNr.: DE249264296
>>  *
>>  * Komplementärin: Elatech Verwaltungs GmbH
>>  * Sitz der Gesellschaft: Karlsruhe
>>  * Geschäftsführer: Markus Daniel
>>  * Registergericht: Mannheim
>>  * Handelsregisternummer: HRB 7250
>>  */
>>
>> _______________________________________________
>> This mail is sent to you from the opencms-dev mailing list
>> To change your list options, or to unsubscribe from the list, please
>> visit
>> http://lists.opencms.org/mailman/listinfo/opencms-dev
> 
> 
> _______________________________________________
> This mail is sent to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please visit
> http://lists.opencms.org/mailman/listinfo/opencms-dev


-- 
/**
 * Florian Hopf
 * Synyx GmbH & Co. KG
 * OpenSource Solutions
 * Karlstr. 68
 * 76137 Karlsruhe
 * phone  +49(0)721 911 83 03
 * fax   +49(0)721 66 48 877
 * www   http://www.synyx.de
 * blog  http://blog.synyx.de
 * blog  http://mobile.synyx.de
 * forum http://www.opencms-forum.de
 * irc   irc://irc.synyx.de
 *
 * Sitz der Gesellschaft: Karlsruhe
 * Registergericht: Mannheim
 * Handelsregisternummer: HRA 4793
 * USt-IdNr.: DE249264296
 *
 * Komplementärin: Elatech Verwaltungs GmbH
 * Sitz der Gesellschaft: Karlsruhe
 * Geschäftsführer: Markus Daniel
 * Registergericht: Mannheim
 * Handelsregisternummer: HRB 7250
 */

More information about the opencms-dev mailing list