Forums / Setup & design / Problem to configure zone ssl access

Problem to configure zone ssl access

Previous topic

Setup & design

Next topic

Author	Message
Jean-François Sénéchal	Wednesday 20 September 2006 6:13:41 am Hello, I configure in my site.ini ssl zones With the example who is explain in the documentation : ModuleViewAccessMode[user/login]=ssl the browser will switch from http to https But if I try with a folder create im my content for example, tourisme ModuleViewAccessMode[content/tourisme]=ssl the browser doesn't switch to https I try too with this config : ModuleViewAccessMode[tourisme]=ssl Here is a capture of my content structure : http://www.marche.be/ez.html I use ez 3.8.3 What's wrong ? Thanks L'informaticien est comme un petit canard: il est calme en surface mais en dessous il brasse beaucoup d'eau pour avancer ...!
Dimitar Christoff	Thursday 23 November 2006 3:16:36 am i can confirm that... cannot force eZ to swap to SSL on: ModuleViewAccessMode[article]=ssl, ModuleViewAccessMode[folder]=ssl, ModuleViewAccessMode[[urlRedirect]=ssl or ModuleViewAccessMode[content/view/full/nodeid]=ssl - all fail. for example, ModuleViewAccessMode[contact_us]=ssl fails ModuleViewAccessMode[contact_us]=keep fails also despite of having [content/*]=keep, accessing https://url/contact_us directly gets rewritten to http://url/contact_us any progress on this and is the official documentation of SSLzones forthcoming? thanks VisionWT
Valentin Doroschuk	Monday 30 April 2007 12:59:54 am Hi, Actually we didn't find a bug there. 0. The first you should clear ssl cache (var/[siteaccess]/cache/ssl_zones_cache.php) 1. You can use ssl for subtrees only (not for nodes) and (at present) there is no way to use ssl only for page where node doesn't have a path_indetification_string (means empty), i.e. node with nodeID 2 doesn't have a path_indetification_string and you cannot use it with ssl, so if default page is content/view/full/2 you cannot use this subtree with ssl. If you want to use all view pages like "https" please use ModuleViewAccessMode[content/view]=ssl (it will be the same like you use SSLSubtrees[]=[path_indetification_string of Node with nodeID =2]) 2. If you use SSLSubtrees[]=/contact_us then http://yourhost/contact_us will be always redirected to https 3. In SSLSubtrees[] you cannot use a path_string, but path_indetification_string only 4. ModuleViewAccessMode[] should contain module/view only, like ModuleViewAccessMode[shop/add]=ssl ModuleViewAccessMode[shop/basket]=ssl ModuleViewAccessMode[content/]=keep So, your settings should be like this [SSLZoneSettings] SSLZones=enabled SSLSubtrees[]=/contact_us ModuleViewAccessMode[shop/add]=ssl ModuleViewAccessMode[user/register]=ssl ModuleViewAccessMode[shop/checkout]=ssl ModuleViewAccessMode[user/login]=ssl ModuleViewAccessMode[shop/basket]=ssl ModuleViewAccessMode[user/profile]=ssl ModuleViewAccessMode[user/editchilddetails]=ssl ModuleViewAccessMode[user/password]=ssl ModuleViewAccessMode[shop/confirmorder]=ssl ModuleViewAccessMode[content/]=keep Thanks.

Author

Message

Jean-François Sénéchal

Wednesday 20 September 2006 6:13:41 am

Hello,

I configure in my site.ini ssl zones

With the example who is explain in the documentation :

ModuleViewAccessMode[user/login]=ssl

the browser will switch from http to https

But if I try with a folder create im my content

for example, tourisme

ModuleViewAccessMode[content/tourisme]=ssl

the browser doesn't switch to https

I try too with this config :

ModuleViewAccessMode[tourisme]=ssl

Here is a capture of my content structure :

http://www.marche.be/ez.html

I use ez 3.8.3

What's wrong ?

Thanks

L'informaticien est comme un petit canard:
il est calme en surface mais en dessous il brasse beaucoup d'eau pour
avancer ...!

Dimitar Christoff

Thursday 23 November 2006 3:16:36 am

i can confirm that...

cannot force eZ to swap to SSL on:

ModuleViewAccessMode[article]=ssl,
ModuleViewAccessMode[folder]=ssl,
ModuleViewAccessMode[[urlRedirect]=ssl
or ModuleViewAccessMode[content/view/full/nodeid]=ssl - all fail.

for example, ModuleViewAccessMode[contact_us]=ssl fails
ModuleViewAccessMode[contact_us]=keep fails also

despite of having [content/*]=keep, accessing https://url/contact_us directly gets rewritten to http://url/contact_us

any progress on this and is the official documentation of SSLzones forthcoming?

thanks

VisionWT

Valentin Doroschuk

Monday 30 April 2007 12:59:54 am

Hi,
Actually we didn't find a bug there.

0. The first you should clear ssl cache (var/[siteaccess]/cache/ssl_zones_cache.php)

1. You can use ssl for subtrees only (not for nodes) and (at present) there is no way to use ssl only for page where node doesn't have a path_indetification_string (means empty),
i.e. node with nodeID 2 doesn't have a path_indetification_string and you cannot use it with ssl,
so if default page is content/view/full/2 you cannot use this subtree with ssl.
If you want to use all view pages like "https" please use ModuleViewAccessMode[content/view]=ssl

(it will be the same like you use SSLSubtrees[]=[path_indetification_string of Node with nodeID =2])

2.
If you use SSLSubtrees[]=/contact_us then http://yourhost/contact_us will be always redirected to https

3. In SSLSubtrees[] you cannot use a path_string, but path_indetification_string only
4. ModuleViewAccessMode[] should contain module/view only,
like

ModuleViewAccessMode[shop/add]=ssl
ModuleViewAccessMode[shop/basket]=ssl
ModuleViewAccessMode[content/*]=keep

So, your settings should be like this

[SSLZoneSettings]
SSLZones=enabled
SSLSubtrees[]=/contact_us

ModuleViewAccessMode[shop/add]=ssl
ModuleViewAccessMode[user/register]=ssl
ModuleViewAccessMode[shop/checkout]=ssl
ModuleViewAccessMode[user/login]=ssl
ModuleViewAccessMode[shop/basket]=ssl
ModuleViewAccessMode[user/profile]=ssl
ModuleViewAccessMode[user/editchilddetails]=ssl
ModuleViewAccessMode[user/password]=ssl
ModuleViewAccessMode[shop/confirmorder]=ssl
ModuleViewAccessMode[content/*]=keep

Thanks.