Viewing By Entry / Main

SSL Interceptor by Ernst van der Linden

Posted At : January 19, 2008 2:32 PM |

Posted By : Luis Majano

Related Categories: ColdBox

Ernst has just posted his code for an ssl interceptor he just created. It looks awesome so take a look for yourself.

Comments (4) |

Print |

Send |

del.icio.us |

Linking Blogs

Related Blog Entries

SSL Interceptor does specific events now, great stuff Ernst (January 21, 2008)

Comments

[Add Comment]

It's missing some functionality ... how does it know which event has to be secured? It should secure only specific events, and force unsecured requests for the rest. something like
if not isSsl and requireSll then cflocate to https
if isSsl and not requireSll then cflocate to http

# Posted By Rob Gonda |

1/19/08 11:50 PM

That is up to Ernst, but I think its a good start.

# Posted By Luis Majano |

1/19/08 11:54 PM

Rob you're right. We could implement that. Just make a list of allowed events without SSL as a property in interceptor xml definition and then check with event.getCurrentEvent() if we need SSL.

I will take a look and keep you informed.

# Posted By Ernst van der Linden |

1/21/08 4:01 PM

Rob, I made in new blog entry. The SSL interceptor now supports SSL for specific events.
Comments are welcome!

# Posted By Ernst van der Linden |

1/21/08 5:47 PM

[Add Comment]

ColdBox 2.6.3 : RENEWED