[ic] AlwaysSecure is not working
Andrew McBeath
interchange-users@interchange.redhat.com
Mon Feb 25 18:20:01 2002
>
>
>>>
>> Check out the ExtraSecure config directive...it allows only secure
>> access to pages marked by AlwaysSecure...
>
>
> Sure????
>
> I'm logged in as an user, who is allowed to access the checkout page.
> After adding ExtraSecure into catalog.cfg, I get the violation page. Is
> that the right result?
>
> Thanks!
>
> Joachim
>
[doco]
http://interchange.redhat.com/cgi-bin/ic/docfly.html?mv_arg=icconfig05.26
ExtraSecure
Disallows access to pages which are marked with AlwaysSecure unless the
browser is in HTTPS mode.
A Yes/No directive, the default is 'No.'
ExtraSecure Yes
*** icconfig, ExtraSecure
[/doco]
I guess this implies a 404 as opposed to a 403? + redirect to
https...wouldnt be too hard to hack up to redirect though... ;)
cheers,
Andrew