Forum OpenACS Q&A: Re: restrict login to ssl

4: Re: restrict login to ssl (response to 1)
Posted by Matthew Geddert on
you need to do these things (on a standard openacs install)...

Edit the "RestrictToSSL" parameter for your main subsite (by default it is called "Main Site" if you haven't renamed it): to include "/register/*". here is an example of the entries in "RestrictToSSL" from a site i run:

acs-admin/* admin/* register/* pvt/* user/* */admin/*
Then you need to edit the packages/acs-tcl/tcl/security-procs.tcl file to include references to all your graphics folders, this is what mine looks like:
ad_proc -private ad_login_page {} {

    Returns 1 if the page is used for logging in, 0 otherwise.

} {

    set url [ad_conn url]
    if { [string match "*register/*" $url] || [string match "/index*" $url] || [string match "/graphics*" $url] || [string match "/graphics/colors*" $url] ||\
            [string match "/" $url] } {
        return 1

    return 0