Forum OpenACS Q&A: Response to Secure Vs. Insecure locations

Posted by Richard Hamilton on
No, I don't think so.

Unless I am missing something I think that the RestrictToSSL parameter tells the ACS that I want for example '/acs-admin' to only be accessible through https. However it does not take care of telling the request processor where to redirect the browser to for the secure connection (ie

Thus setting this parameter will prevent anyone connecting to '/acs-admin' using http but will not automatically switch to https and add the port number for the secure location.

Regards Richard