incubator-heraldry-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From record...@apache.org
Subject svn commit: r503840 - /incubator/heraldry/idp/pip/trunk/app/controllers/account_controller.rb
Date Mon, 05 Feb 2007 19:50:22 GMT
Author: recordond
Date: Mon Feb  5 11:50:21 2007
New Revision: 503840

URL: http://svn.apache.org/viewvc?view=rev&rev=503840
Log:
Use SSL on an account subdomain so discovery happens securly

Modified:
    incubator/heraldry/idp/pip/trunk/app/controllers/account_controller.rb

Modified: incubator/heraldry/idp/pip/trunk/app/controllers/account_controller.rb
URL: http://svn.apache.org/viewvc/incubator/heraldry/idp/pip/trunk/app/controllers/account_controller.rb?view=diff&rev=503840&r1=503839&r2=503840
==============================================================================
--- incubator/heraldry/idp/pip/trunk/app/controllers/account_controller.rb (original)
+++ incubator/heraldry/idp/pip/trunk/app/controllers/account_controller.rb Mon Feb  5 11:50:21
2007
@@ -26,6 +26,7 @@
 #
 # == Requirements
 # SSL is used on all pages except #index, and #forgot_password.
+# #index uses it on an account_subdomain in the index function.
 #
 # Login is required for #activate, #congratulations, #edit, #logout,
 # #resend_confirmaton, #welcome.
@@ -35,7 +36,7 @@
 class AccountController < ApplicationController
   unless APP_CONFIG[:ssl_disabled]
     ssl_required :except => [:index, :forgot_password]
-    ssl_prohibited :only => [:index, :forgot_password]
+    ssl_prohibited :only => [:forgot_password]
   end
 
   before_filter :login_required, :only =>
@@ -52,6 +53,9 @@
   def index
     redirect_to :action => 'welcome' if logged_in?
     if account_subdomain
+      unless APP_CONFIG[:ssl_disabled]
+        ssl_required
+      end
       set_yadis_headers
       return(yadis_response) if yadis_request?(request)
     end



Mime
View raw message