WebObjects, just-in-time login and SSL
WebObjects, just-in-time login and SSL
- Subject: WebObjects, just-in-time login and SSL
- From: Mark Wardle <email@hidden>
- Date: Thu, 14 Apr 2011 22:52:03 +0100
Hi there.
I now have a [almost] working system that checks a system property and
conditionally forces the use of https for relevant resources.
There is some hostname flakiness going on which messes with cookies
(switching between localhost and Daisy.local) which is odd.
The main reason why the hostname keeps getting changed in my use of
ERXNavigationMenu and specifically the way it generates URLs for
direct actions. These seem to insist on being full URLs (and hence
change the hostname) although this somewhat depends on whether I'm
switch from storing sessions in a cookie or URL. Whatever the case,
despite the navigation buttons being rendered on a https page, the
link goes to http:// I note any component actions simply use a
relative URL and stay as https:// and exhibit no hostname flakiness.
I'm ready the relevant wiki pages on SSL and specifically setting the
hostname to localhost specifically in all the relevant configuration
files.
My naive assessment of this is that within
ERXNavigationMenuItem.contextComponentActionURL() should be fixed to
default to the current setup:
change
return context().directActionURLForActionNamed(navigationItem().directActionName(),
bindings);
to
return context().directActionURLForActionNamed(navigationItem().directActionName(),
bindings, ERXRequest.isRequestSecure(context().request()), false);
Or is this wrong?
Many thanks,
Mark
--
Dr. Mark Wardle
Specialist registrar, Neurology
Cardiff, UK
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden