Re: Authenticate when SSL is activeted only?

To: Debian-ISP <debian-isp@lists.debian.org>
Subject: Re: Authenticate when SSL is activeted only?
From: Oliver Hitz <oliver@net-track.ch>
Date: Tue, 22 Apr 2003 14:38:43 +0200
Message-id: <[🔎] 20030422123843.GE2995@net-track.ch>
Mail-followup-to: Debian-ISP <debian-isp@lists.debian.org>
In-reply-to: <[🔎] 20030422185629.EC9F.AXANET@ms32.hinet.net>
References: <[🔎] 20030422185629.EC9F.AXANET@ms32.hinet.net>

On 22 Apr 2003, axacheng wrote:
>     I am running apache 1.3.26, apache-ssl 1.3.26 on Debian Woody 3.0r1.
>     The reason is that I think a user should not type his LDAP account
>     and password when the connection is not secure. Any comment is
>     appreciated :)

Try the following to redirect your users to the secure version of
the page:

  SSLRequireSSL
  ErrorDocument 403 https://www.domain.com

However, it depends if the authentication is done before or after
checking SSL. I've never done this with HTTP authentication.

Oliver

Reply to:

References:
- Authenticate when SSL is activeted only?
  - From: axacheng <axanet@ms32.hinet.net>

Prev by Date: Re: Authenticate when SSL is activeted only?
Next by Date: Re: Trusted Debian
Previous by thread: Re: Authenticate when SSL is activeted only?
Next by thread: Trusted Debian
Index(es):
- Date
- Thread