incubator-jspwiki-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Terry Steichen <te...@net-frame.com>
Subject Re: baseURL when mixing SSL and non-SSL
Date Sat, 21 Mar 2009 19:01:16 GMT
Our of curiosity I just tried to invoke my JSPWiki Login.jsp page with
https vs http - it failed and here's what I got:

        SSL received a record that exceeded the maximum permissible
        length.
        (Error code: ssl_error_rx_record_too_long)
        The page you are trying to view can not be shown because the
        authenticity of the received data could not be verified.
        
            * Please contact the web site owners to inform them of this
        problem.

I'm using port 80 and I started with http at the main prompt (prior to
invoking Login.jsp).

Do I have to arrange with my hosting service to activate SSL?  Or is
there something else needed?


On Sat, 2009-03-21 at 18:33 +0200, Janne Jalkanen wrote:

> Cookie/sessionwise that should be fine (as long as you are running in  
> the standard ports and you start first with http before switching to  
> https).
> 
> Andrew, any chance you could have a writeup on this common scenario at  
> doc.jspwiki.org?
> 
> /Janne
> 
> On 21 Mar 2009, at 16:22, Wyllys Ingersoll wrote:
> 
> >
> > Does JSPWiki get confused by having both SSL and non-SSL access to  
> > the wiki?
> >
> > For example, my main site URL is: http://foo.bar.com
> > I want to secure the Login page so passwords are not passed around  
> > in the clear, so
> > my login happens at https://foo.bar.com/Login.jsp?redirect=Main
> >
> > Once the users are logged in, I would prefer to switch them back to  
> > a non-SSL
> > connection. Is this possible to do without confusing JSPWiki and  
> > losing track
> > of the session and logged-in information?
> >
> > thanks,
> > Wyllys
> >
> >

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message