httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jens Stavnstrup>
Subject When SSL is overkill
Date Wed, 03 Jul 2002 11:19:33 GMT

Currently, I have a server with a number of virtual hosts (several using
http and one using https (i.e. SSL)).

All material that are restricted to the public are placed on the SSL
server, which means that access control all all material are encrypted. So
far so good. 

However, most of the restricted material, could just a well be placed on a
normal http, if it was not for the access control. I am currently using
Basic authentication on the SLL, which ensures that my password is not
transfered in clear text.

Is it possible to configure a server, so

   - when entering the server, authentication is done over SSL
   - After the user sucessfully logged in, the contents of the the server 
     can be transfered using only http



To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message