No subject


Sat Oct 16 04:25:36 CEST 2010


<gmcharlt> sekjal: you may want to take a look at how Evergreen handles using
SSL for patron login and display in the OPAC and regular HTTP for everything
else
<sekjal> gmcharlt:  thanks, I'll take a peek
<chris> id like that once you are logged in, its ssl, before you are logged in
its http
 once you are placing holds etc, that may as well be encrypted too
 make the fbi earn their money
<gmcharlt> or move some of the scripts about (to make URL rewriting easier) and
have /opac/ and /opac/secure/
<pastebot> "gmcharlt" at 68.101.78.67 pasted "sekjal: the relevant bit from
EG's Apache config" (6 lines) at http://paste.koha-community.org/118
<gmcharlt> one thing to note that SSLRequireSSL implies use of mod_ssl;
mod_gnutls doesn't have a direct equivalent

The value in pastebin:

#
--------------------------------------------------------------------------------
# Force SSL on the OPAC's "My Account" page
#
--------------------------------------------------------------------------------
<LocationMatch .*/myopac.xml>
    SSLRequireSSL
</LocationMatch>

-- 
Configure bugmail: http://bugs.koha-community.org/bugzilla3/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.


More information about the Koha-bugs mailing list