roller-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "\(David\) Ming Xia" <david.ming....@ibol.biz>
Subject Re: Problem in switching to HTTPS channel
Date Fri, 12 Jun 2009 03:26:24 GMT

All, 

 I modified security.xml as following:

--------------------------------------------------- 
<property name="filterInvocationDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/roller_j_security_check=REQUIRES_SECURE_CHANNEL
/roller-ui/login-redirect.jsp=REQUIRES_SECURE_CHANNEL
/roller-ui/login.rol=REQUIRES_SECURE_CHANNEL
/roller-ui/register.rol=REQUIRES_SECURE_CHANNEL
/roller-ui/register!save.rol=REQUIRES_SECURE_CHANNEL
</value>
</property> 
-----------------------------------------------------

I also modified roller-custom.properties

---------------------------------------------------
# Enables HTTPS for login page only
securelogin.enabled=true
# Enable scheme enforcement?
# Scheme enforcement ensures that specific URLs are viewed only via HTTPS
schemeenforcement.enabled=true
---------------------------------------------------


I tried https://localhost:9443/blog/roller-ui/login-redirect.rol and https://localhost:9443/blog/roller-ui/register.rol
It still doesn't work.   Any idea?


Thank you very much.

David




--- On Thu, 6/11/09, (David) Ming Xia <david.ming.xia@ibol.biz> wrote:


From: (David) Ming Xia <david.ming.xia@ibol.biz>
Subject: Problem in switching to HTTPS channel
To: "Mailing List Apache Roller User" <user@roller.apache.org>, "Mailing List Apache
Roller Developer" <dev@roller.apache.org>
Date: Thursday, June 11, 2009, 11:05 AM


Hi, Everyone. 
  
  I could not set up switching to HTTPS channel for login.   I added couple of line into
security.xml as illustrated in the following sample code.  I started the application and
tried to login at https://localhost:9443/blog/roller-ui/login.rol.  The login page was not
load up.
 
 
  I would appreciate if some one could give some advices.  Do I need to something in
addition to change security.xml?  
  
  
  
Thank you for your help.  
  
David 
  
<!-- ===================== SSL SWITCHING ==================== --> 
<bean id="channelProcessingFilter" class="org.acegisecurity.securechannel.ChannelProcessingFilter">

<property name="channelDecisionManager" ref="channelDecisionManager"/> 
<property name="filterInvocationDefinitionSource"> 
<value> 
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON 
PATTERN_TYPE_APACHE_ANT 
/roller_j_security_check=REQUIRES_SECURE_CHANNEL 
/roller-ui/login.rol=REQUIRES_SECURE_CHANNEL 
/roller-ui/login-redirect.rol=REQUIRES_SECURE_CHANNEL 
/**=REQUIRES_INSECURE_CHANNEL 
</value> 
</property> 
</bean> 
<bean id="channelDecisionManager" class="org.acegisecurity.securechannel.ChannelDecisionManagerImpl">

<property name="channelProcessors"> 
<list> 
<bean class="org.acegisecurity.securechannel.SecureChannelProcessor"/> 
<bean class="org.acegisecurity.securechannel.InsecureChannelProcessor"/> 
</list> 
</property> 
</bean> 
 

Mime
View raw message