Arrow_left   Arrow_right
 
  #920

New useSSL element for redirecting via SSL in the security interceptor

    • Created on: Fri, 11 Dec 2009 (about 2 years ago)
    • Reported by: lmajano
    • Assigned to: lmajano
    • Milestone: 3.0.0M5
    • Estimate: None/Small/Medium/Large None
    • Version: -
    • Status: Fixed
    • Priority: Normal (3)
    • Component: Interceptors - Security
    • Permission type: None
    • Type: enhancement
    The security interceptor's rules currently have a "redirect" element that determines where to redirect if "An event or route to redirect if the user is not in a role".

    My enhancement request is to allow the specification of whether this redirect should use SSL or not.

    Use case is, person is not logged in so the security interceptor redirects to "user.login" but it does so using a non-ssl connection.

    By adding a new element to the rules (can default to false internally for backward compatibility), the "setNextEvent" call in the security interceptor would be able to use SSL or not based on the value.

    <useSSL>true</useSSL>
  • Followers
     
    Ico-users lmajano (Assigned To) 
     
    Attachments
    No attachments
    Associations
     
    No associations
    Activity
     
    User picture

          on Dec 18, 2009 @ 05:43PM UTC * By lmajano

    Milestone changed from 3.0.0M4 to 3.0.0M5
    User picture

          on Mar 10, 2010 @ 03:53PM UTC * By lmajano

    Description changed from The security interceptor's ... to The security interceptor's ...
    Status changed from New to Fixed
    Summary changed from useSSL element for using SSL on security redirect to New useSSL element for redirecting via SSL in the security interceptor
    Time Expenditure
    Loading