[support] ssl + login best practice
Tom Lucas
tech4him at gmail.com
Fri Jul 31 16:06:16 UTC 2009
If you want to use something that already exists, the secure pages module
can do this and any other paths you need secured.
http://drupal.org/project/securepages
Blessings
On Fri, Jul 31, 2009 at 10:47 AM, Metzler, David <metzlerd at evergreen.edu>wrote:
> Expansion on this idea.
>
> I don't think you'll get setting.php to have $user->uid context will
> you? Doesn't it load too early?
>
> If I'm right, write a module with hook_init (as Earnie says) have it
> set cookie then do the base_url based on whether $cookie is site.
>
> I would at least try contacting secure pages maintainer to see if you
> can get a patch submitted there as this seems like a feature that would
> be useful to that module.
>
> Dave
>
>
> -----Original Message-----
> From: support-bounces at drupal.org [mailto:support-bounces at drupal.org] On
> Behalf Of Earnie Boyd
> Sent: Friday, July 31, 2009 5:57 AM
> To: support at drupal.org
> Subject: Re: [support] ssl + login best practice
>
> Quoting Geoff O'Callaghan <geoffocallaghan at gmail.com>:
>
> > Hi All,
> >
> > Running D6. What's the best practice for setting up a site where
> > content is delivered by http *until* the user logs on and from then on
>
> > I want all content to be via https.
> >
>
> Ideas only here; none of them tested. A hook_init in a custom module.
> Some code in settings.php to modify the $base_url if the $user->uid !=
> 0. A mod_rewrite pattern and rule.
>
> --
> Earnie
> -- http://r-feed.com/ -- http://for-my-kids.com/
> -- http://www.4offer.biz/ -- http://give-me-an-offer.com/
>
>
> --
> [ Drupal support list | http://lists.drupal.org/ ]
> --
> [ Drupal support list | http://lists.drupal.org/ ]
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.drupal.org/pipermail/support/attachments/20090731/d0573d35/attachment.htm>
More information about the support
mailing list