[ic] RE: (ic) Admin over SSL
Stefan Hornburg
interchange-users@icdevgroup.org
Mon Nov 18 16:18:00 2002
On Mon, 18 Nov 2002 15:49:48 -0500
Hans <hanshans@softhome.net> wrote:
> Hans said:
>
> >Greetings - I'm trying to get the Admin UI to work over SSL. I set up
>
> the
>
> >secure server address, etc., and have added
> >
> >admin
> >
> >to the AlwaysSecure in the catalog.cfg.
> >
> >This fails to route to the secure server. However, when I add
> >
> >admin/entry
> >
> >to the AlwaysSecure, it successfully loads from the secure server to
> >allow me to enter the CC numbers.
> >
> >What I'm trying to do is have the entire Admin session over SSL, but it
>
>
> >doesn't seem to work by just adding
> >
> >admin
> >
> >..... Would someone be so kind as to shed light ??
> >
> >Many thanks ---
>
>
> 'admin' would not match everything. However, there is a handy variable
> UI_SECURE (found from the admin pages under Administration...Preferences
> ...Admin control). If this is set to 1, then all of your admin pages
> will be
> secure.
>
> John.
>
> ---------
>
> Thanks for the tip John. I set the variable to 1, applied changes,
> logged out, and then logged back in from
> http://me.com/~me/cart.cgi/admin/login.html and also from my shared
> secure server https://me.com/~me/cart.cgi/admin/login.html but under
> both instances, I am dropped into the Admin section UNSECURED, i.e., no
> ssl working under the admin.
UI_SECURE doesn't automagically select a secure server, but uses
the value of the configuration directive SecureURL instead of VendURL.
Bye
Racke