Question
I want to allowhttp for actions that don't need authentication (view, search and maybe viewfile), but I want to force https for all other actions (mainly viewauth, edit, ...)
One solution is to use the trick described in HowToForceSecureLoginForSomeWebs to redirect http requests to https requests.
I also want that if a view action comes from http the topic is displayed without headers and footers.
I can make the patches to the perl source files.
I want to know if someone already did these modifications, and if other people are interested if I provide such a patch.
A few hours later...
I should probably take another approach...
If I configure TWiki such that it creates a static variant of all the topics,
I can make TWiki run under the https server and the http server will only know about the static pages.
Apparently CacheAddOn would be a good starting point for this approach.
But it will need some changes: for example the static http version should not be exactly the same as the https version, because e.g. links to edit should not appear.
Environment
| TWiki version: | 20040320beta |
Answer
Louis - can you take this idea to the Codev web (i think you can move the topic) as this and HowToForceSecureLoginForSomeWebs have serious significance, and I could do with help in this area (I have no experience in ssl, and have not had any need in my own twiki work) and would like TWiki to do ssl in an integrated fashion -- SvenDowideit - 27 Jun 2004
Topic revision: r4 - 2004-09-02 - PeterThoeny
Site map
Blog web
Search
Changes
RSS Feed
Notifications
Statistics
Preferences
Register new user
Support Forum 
Ask a question
Open questions 
My recent questions
Get quick help in #twiki IRC channel
Ideas, requests, problems regarding TWiki? Send feedback. Ask community in the support forum.Copyright © 1999-2026 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.