Question

I am trying to set up a TWiki site that sends everything through https with NatSkin authentication. Currently it works perfectly fine without SSL encryption.

Here is the problem: I try using mod_ssl rewrite in Apache with an old configuration file that looks like this:

RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*)$ https://%{HTTP_HOST}/$1 [R,L]

When that is turned on, and I try to log into TWiki, I get nowhere. You can see for yourself at its temporary home here: https://169.229.248.232/twiki/bin/login

Login attempts do not spit out errors, nor do they let me past the login screen. The error logs give me no clue as to why this is happening. I've tried removing the .htaccess file, but that has no effect. I've searched all over this site for an answer without any luck. Any help at all is greatly appreciated.

Environment

-- GarrettJohnson - 14 Nov 2007

Answer

If you answer a question - or someone answered one of your questions - please remember to edit the page and set the status to answered. The status selector is below the edit box.

The forensic part is pretty clear: Apparently the form in the login screen points to a http instead of a https URL. However, I am not familiar with NatSkin (which you are using). The SVN code and the documentation on NatSkin / NatSkinPlugin are mentioning a variable HTTPSLOGON which needs to be added to your TWikiPreferences. Maybe you are running an outdated version of NatSkin, or you just need to define that variable?

-- HaraldJoerg - 14 Nov 2007

Closing this support question after more than 30 days of inactivity. Please feel free to re-open if needed.

-- PeterThoeny - 01 Jan 2008