[Date Prev][Date Next][Thread Prev][Thread Next][Interchange by date ][Interchange by thread ]

[ic] AlwaysSecure is not working

Subject: [ic] AlwaysSecure is not working
From: interchange-users@interchange.redhat.com (Joachim Leidinger)
Date: Mon Feb 25 17:07:02 2002
References: <NOEELLCHGAAJFOCDPKBOIEFKCCAA.jerry@digitalfm.com>

Jerry wrote:
> 
> > From: interchange-users-admin@interchange.redhat.com
> > [mailto:interchange-users-admin@interchange.redhat.com]On Behalf Of
> > Joachim Leidinger
> > Sent: Monday, February 25, 2002 11:56 AM
> > To: interchange-users@interchange.redhat.com
> > Subject: [ic] AlwaysSecure is not working
> >
> >
> > Hi List,
> >
> > since IC Version 4.6.5 and IC 4.8.3,
> >
> > 3.4. AlwaysSecure
> > -----------------
> >
> > Determines whether checkout page operations should always be secure.
> > Set it to the pages that should always be secure, separated by spaces
> > and/or tabs.
> >
> >    AlwaysSecure    ord/checkout
> >
> > is not working. Am I missing somethings?
> >
> > In normal case, if I call
> >
> > http://www.mydomain.com/cgi-bin/myshop/ord/checkout
> >
> > it should be secure by IC automatically. But why is that not working
> > with IC? MV make this right!
> >
> > Any tips, hints and suggestions are very welcomes.
> >
> > Thanks!
> >
> > Joachim
> 
> Maybe because you bypassing IC and calling it in non-secure mode manually?

Yes!

> If your secure server is setup properly and you call the checkout page
> with [area ord/checkout] or mv_nexpage from within a form, it will
> be secure.

Yes! Right!
 
> Also, if your form contains     <FORM ACTION="[process secure=1]"
> METHOD=POST>
> the form would be processed securily I belive.

Yes! Right! :-))
 
> I don't recall that you could ever call the page directly as you have above
> and have it refresh into secure mode, but I could be wrong. I always thought
> the "always secure" option was so that IC could use the same tags, area and
> page
> along with mv_nextpage without having to specify a secure option each time
> the page
> was called from within another page.

I always thought, IC will recognize the page name, which is set to
secure by AlwaysSecure! Is IC not able to switch to the secure
protocoll, if a page is calling directly and that page is set to secure?

Joachim

-- 
Hans-Joachim Leidinger | Dipl.-Phys.Ing. Entwicklung eCommerce
[leidinger@bpanet.de] 
Black Point Arts Internet Solutions GmbH
http://www.bpanet.de

References:
- [ic] AlwaysSecure is not working
  - From: interchange-users@interchange.redhat.com (Jerry)

Prev by Date: [ic] AlwaysSecure is not working
Next by Date: [ic] AlwaysSecure is not working
Previous by thread: [ic] AlwaysSecure is not working
Next by thread: [ic] AlwaysSecure is not working
Index(es):
- Date
- Thread