HTTPS logins in Roller 1.0
I just wrote up some instructions for configuring Secure Logins for Roller 1.0.
I
had to make one minor change in Roller 1.0's Secure Login feature. I
found that, when Roller is running behind a web switch, I can't rely
on request.isSecure()
to tell me if I have an HTTPS connection. I had to add an (optional)
request header test. In my case, I have to test for a header named
X-SSL to determine if HTTPS is active.
Tags:
Roller