Results 1 to 4 of 4

Thread: How to define REQUIRES_SECURE_CHANNEL in Security 2.0?

  1. Apr 1st, 2008, 08:20 AM #1
    thejavafreak
    thejavafreak is offline Member
    Join Date
    Oct 2005
    Location
    Jakarta
    Posts
    31

    Default How to define REQUIRES_SECURE_CHANNEL in Security 2.0?

    Dear all,

    I want to secure a specific URL. How do I define REQUIRES_SECURE_CHANNEL in Spring Security 2.0? I can't find it anywhere. Neither does the samples shows us this.

    thanks in advance
    Regards,
    joshua

    Blog
  2. Apr 1st, 2008, 10:07 AM #2
    Luke Taylor
    Luke Taylor is offline Senior Member Acegi Security System TeamSpring Team
    Join Date
    Aug 2004
    Location
    Glasgow, Scotland
    Posts
    3,449

    Default

    Use the requires-channel attribute on the intercept-url element.

    You can see the available options in the namespace from the RNC file

    http://acegisecurity.svn.sourceforge...curity-2.0.rnc

    Or just by navigating the options in a decent XML editor.
  3. Apr 1st, 2008, 09:20 PM #3
    thejavafreak
    thejavafreak is offline Member
    Join Date
    Oct 2005
    Location
    Jakarta
    Posts
    31

    Default

    Thanks for the response luke,

    I already put requires-channel="any" and it still doesn't work. Could it be perhaps because my URL is transformed by URWRewrite?

    thanks in advance
    Regards,
    joshua

    Blog
  4. Apr 3rd, 2008, 01:36 PM #4
    Luke Taylor
    Luke Taylor is offline Senior Member Acegi Security System TeamSpring Team
    Join Date
    Aug 2004
    Location
    Glasgow, Scotland
    Posts
    3,449

    Default

    "any" means it doesn't care what channel you use so will accept either http or https. The equivalent of REQUIRES_SECURE_CHANNEL would be requires-channel="https".
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules