Redirecting from http to https
9 views
Skip to first unread message
Clifford Moon
Apr 20, 2012, 1:05:47 PM4/20/12
to model-glue
Greetings,
We are enforcing https for all login pages. What is the best method
for redirecting from http to https and where within the model glue
framework should this go?
Thanks for any help in advance,
Cliff
We are enforcing https for all login pages. What is the best method
for redirecting from http to https and where within the model glue
framework should this go?
Thanks for any help in advance,
Cliff
HENRI Jeremie
Apr 20, 2012, 1:08:20 PM4/20/12
to model...@googlegroups.com
Why not do that using a rewrite directive on apache. That would be easier to do.
http://www.sslshopper.com/apache-redirect-http-to-https.html
Hope that helps!
http://www.sslshopper.com/apache-redirect-http-to-https.html
Hope that helps!
Jeremie
> --
> Model-Glue Sites:
> Home Page: http://www.model-glue.com
> Documentation: http://docs.model-glue.com
> Bug Tracker: http://bugs.model-glue.com
> Blog: http://www.model-glue.com/blog
>
> You received this message because you are subscribed to the Google
> Groups "model-glue" group.
> To post to this group, send email to model...@googlegroups.com
> To unsubscribe from this group, send email to
> model-glue+...@googlegroups.com
> For more options, visit this group at
> http://groups.google.com/group/model-glue?hl=en
Chris Blackwell
Apr 20, 2012, 3:33:00 PM4/20/12
to model...@googlegroups.com
In any events that need to be secure broadcast a message thats picked up by a controller, have that check if the current sheme is https, and if not have it redirect to itself on https
heres a really quick untested example
<event-handler name="page.secure">
<broadcasts>
<message name="checkSecure" />
</broadcasts>
...
</event-handler>
//controller.cfc
function checkSecure(event) {
if(!CGI.SERVER_PORT_SECURE) {
// the domain should probably come from a config bean or whatever
var myself = "https://mysite.com/" & event.linkTo(event.getInitialEventHandlerName());
location(url=myself);
}
}
If you need to secure large numbers of events use an event-type for that event-handlers blocks
Cheers, Chris
Clifford Moon
Apr 25, 2012, 10:27:12 AM4/25/12
to model-glue
Greetings,
Thanks for the responses. It was implemented using the server, but
I'm happy to have the eventType suggestion below in case it's needed
in the future.
Again, thanks all..
Clfif
On Apr 20, 2:33 pm, Chris Blackwell <ch...@team193.com> wrote:
> In any events that need to be secure broadcast a message thats picked up by
> a controller, have that check if the current sheme is https, and if not
> have it redirect to itself on https
>
> heres a really quick untested example
>
> <event-handler name="page.secure">
> <broadcasts>
> <message name="checkSecure" />
> </broadcasts>
> ...
> </event-handler>
>
> //controller.cfc
> function checkSecure(event) {
> if(!CGI.SERVER_PORT_SECURE) {
> // the domain should probably come from a config bean or whatever
> var myself = "https://mysite.com/"
> & event.linkTo(event.getInitialEventHandlerName());
> location(url=myself);
> }
>
> }
>
> If you need to secure large numbers of events use an event-type for that
> event-handlers blocks
>
> Cheers, Chris
>
Thanks for the responses. It was implemented using the server, but
I'm happy to have the eventType suggestion below in case it's needed
in the future.
Again, thanks all..
Clfif
On Apr 20, 2:33 pm, Chris Blackwell <ch...@team193.com> wrote:
> In any events that need to be secure broadcast a message thats picked up by
> a controller, have that check if the current sheme is https, and if not
> have it redirect to itself on https
>
> heres a really quick untested example
>
> <event-handler name="page.secure">
> <broadcasts>
> <message name="checkSecure" />
> </broadcasts>
> ...
> </event-handler>
>
> //controller.cfc
> function checkSecure(event) {
> if(!CGI.SERVER_PORT_SECURE) {
> // the domain should probably come from a config bean or whatever
> var myself = "https://mysite.com/"
> & event.linkTo(event.getInitialEventHandlerName());
> location(url=myself);
> }
>
> }
>
> If you need to secure large numbers of events use an event-type for that
> event-handlers blocks
>
> Cheers, Chris
>
> On 20 April 2012 18:08, HENRI Jeremie <jeremie.he...@gmail.com> wrote:
>
>
>
>
>
>
>
> > Why not do that using a rewrite directive on apache. That would be easier
> > to do.
> >http://www.sslshopper.com/apache-redirect-http-to-https.html
> > Hope that helps!
>
> > Jeremie
>
> > On Apr 21, 2012, at 2:05 AM, Clifford Moon <clifford.m...@gmail.com>
>
>
>
>
>
>
>
> > Why not do that using a rewrite directive on apache. That would be easier
> > to do.
> >http://www.sslshopper.com/apache-redirect-http-to-https.html
> > Hope that helps!
>
> > Jeremie
>
Reply all
Reply to author
Forward
0 new messages