Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions
Reload this Page Login via SSL
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 08-15-2006, 10:42 PM
johnmont johnmont is offline
 
Join Date: Feb 2006
Location: Chicago
Posts: 30
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Login via SSL
I would like to have login and usercp functions go through SSL and all other board traffic through regular http://. I've created a symbolic link to the http filesystem directory in my https filesystem directory.

Next, I created a replacement variable for replacing "login.php" to "https://www.mysite.com/login.php". This part works great as I get redirected appropriately to the login page. I then enter my login and password and submit.

I get the redirect intermediate, but when I get redirected back to the http://www.mysite.com, I don't have any privileges as though I'm not logged in. If I go to https://www.mysite.com, all is fine.

Is this due to the cookie? A session variable being different between the two sites?
Reply With Quote
  #2  
Old 08-17-2006, 12:31 AM
johnmont johnmont is offline
 
Join Date: Feb 2006
Location: Chicago
Posts: 30
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
It does seem as though it must be a cookie issue --

Does anyone know if the same cookie can be used on http and https? Can I use the secure flag for a cookie even though I'm mainly accessing over http?
Reply With Quote
  #3  
Old 08-17-2006, 12:43 AM
Ntfu2 Ntfu2 is offline
 
Join Date: Feb 2006
Posts: 1,247
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
i think you'll have to stay under SSL once loged in.

There is no real benefit/disadvantage i can think of that would require SSL login, then back to normal http, i beleive the password is never really passed via plain text anyway
Reply With Quote
  #4  
Old 08-17-2006, 01:03 AM
johnmont johnmont is offline
 
Join Date: Feb 2006
Location: Chicago
Posts: 30
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Thanks for your perspective -- appreciate the input greatly.

As far as SSL, I wanted to make the UserCP area secure (and maybe Private Message) as well since i'm collecting some extra information that could be considered private. I'm also distributing some information I'd rather try and keep secure. On the other hand, I have lots of imagery and high bandwidth downloads that I'd like to avoid SSL for distribution.

Hence my desire to split out the site....
Reply With Quote
  #5  
Old 08-17-2006, 01:16 AM
Ntfu2 Ntfu2 is offline
 
Join Date: Feb 2006
Posts: 1,247
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Ah i see now

I'm not a coder by any strectch of the imagination, but you could set the login.php script to set two different cookies by chance, then simply link all instances of private messages and userCP via the ssl connnection?
Reply With Quote
Reply

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 09:59 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.03672 seconds
  • Memory Usage 2,193KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (5)post_thanks_box
  • (5)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (5)post_thanks_postbit_info
  • (5)postbit
  • (5)postbit_onlinestatus
  • (5)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete