The Toolkit for Online Communities
16706 Community Members, 2 members online, 2372 visitors today
Log In Register
OpenACS Home : Forums : OpenACS Q&A : SSL pages forcing log in -- why? : One Message

Forum OpenACS Q&A: Re: SSL pages forcing log in -- why?

Posted by Lars Pind on
The idea is that if you want to access a secure page (a page over SSL), then your login has to have been over SSL as well.

Otherwise, how would we know to trust the authentication?

The solution should be, that if you're having some pages be over SSL, you should make sure that login is over SSL as well.

There's an acs-kernel parameter to do this.

If this is not working as advertised here, please file a bug.