Re: SSL
Re: SSL
- Subject: Re: SSL
- From: Jerald Dawson <email@hidden>
- Date: Tue, 7 Sep 2010 15:42:04 -0500
5.4.3
On Sep 7, 2010, at 2:14 PM, Chuck Hill wrote:
> Which version of WO?
>
>
> On Sep 6, 2010, at 8:05 PM, Jerald Dawson wrote:
>
>> Hello Simon
>>
>> Thanks for much for this example. I got it going from non-secure to secure but when I try to go from secure to non-secure, the redirected page ends up with a URL like this:
>>
>> http://hostname:443/...
>>
>> (notice the port 443 with the http protocol). If I remember correctly, this was a problem way back when but a search of google didn't turn up any thing helpful except for an old posting from 2004 by Chuck Hill stating something about needed to subclass WOContext to override the method for building the URL.
>>
>> Any pointers from anyone would be appreciated.
>>
>> -j
>>
>> On Aug 20, 2010, at 5:23 AM, Simon wrote:
>>
>>> here's how we do it....
>>>
>>> @Override
>>> public void appendToResponse(WOResponse response, WOContext context) {
>>>
>>> boolean enableSsl = "true".equals(System.getProperty("enableSSL"));
>>> boolean secure = ((ERXRequest) context.request()).isSecure();
>>> boolean pageShouldBeSecure = enableSsl ? CTSecurityPolicy.policy().getSslPages()
>>> .contains(context.page().name()) : false;
>>>
>>> if ((secure && !pageShouldBeSecure) || (!secure && pageShouldBeSecure)) {
>>> // Switch the SSL mode.
>>> ERXRedirect pg = (ERXRedirect) pageWithName(ERXRedirect.class.getName());
>>> pg.setComponentToPage();
>>> pg.setSecure(enableSsl ? !secure : false);
>>> pg.appendToResponse(response, context);
>>>
>>> } else {
>>> super.appendToResponse(response, context);
>>> }
>>>
>>> }
>>>
>>> simon
>>>
>>>
>>> On 19 August 2010 22:31, Jerald Dawson <email@hidden> wrote:
>>> Hello you WONDERful people (wonder, get it? oh never mind)
>>>
>>> I have an old site that I've been maintaining for about 7 years. I have a framework that I wrote years ago, part of which includes a subclass of WOComponent that allows you to indicate whether or not a page should be served up via https (the isSecure method returns true). Anyway, I've added a bunch of functionality to the site, thanks to project wonder, but I'm having issues with session management. I've traced it back to the funkiness that I do with the request/response in my WOComponent subclass. Since alot of what my framework does, wonder already provides, I want to just get ride of my old framework. The only thing I'm not sure about is does wonder provide any easy(er?) way to indicate whether a page should be served up securely. Is the only way to do it really to use a WORedirect or am I missing something? I'll really miss just returning true from isSecure().
>>>
>>> Thanks in advance.
>>>
>>> Jerald Dawson _______________________________________________
>>> Do not post admin requests to the list. They will be ignored.
>>> Webobjects-dev mailing list (email@hidden)
>>> Help/Unsubscribe/Update your Subscription:
>>>
>>> This email sent to email@hidden
>>>
>>
>> _______________________________________________
>> Do not post admin requests to the list. They will be ignored.
>> Webobjects-dev mailing list (email@hidden)
>> Help/Unsubscribe/Update your Subscription:
>>
>> This email sent to email@hidden
>
> --
> Chuck Hill Senior Consultant / VP Development
>
> Practical WebObjects - for developers who want to increase their overall knowledge of WebObjects or who are trying to solve specific problems.
> http://www.global-village.net/products/practical_webobjects
>
>
>
>
>
>
>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
| References: | |
| | >Re: SSL (From: Jerald Dawson <email@hidden>) |
| | >Re: SSL (From: Chuck Hill <email@hidden>) |