Thank very much, again. For me it very important your help.
Well, now I use a cookie for maintain the user name in session. And use ssl
connection when this cookie is found. Thank for this idea.
Now my apache virtual host config is :
<VirtualHost *:80>
.....
CacheRoot /var/cache/apache2/mod_disk_cache
CacheEnable disk /
CacheDirLevels 5
CacheDirLength 3
#CacheIgnoreHeaders Set-Cookie
ProxyRequests Off
RewriteEngine On
#Debug en dev
RewriteLogLevel 3
RewriteLog /var/cache/apache2/rewrite.log
#En caso de encontrar la cookie usuario redirigimos a un entorno ssl.
RewriteCond %{http_cookie} usuario=([^;]+)
RewriteRule ^(.*) https://www.turismopaco.com/PINTUREX/live/index.html
.....
</VirtualHost>
<VirtualHost *:443>
....
SSLEngine On
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/apache2/ssl/cert-file.crt
ProxyRequests Off
RewriteEngine On
RewriteLog /var/cache/apache2/rewrite.log
RewriteLogLevel 3
#En caso de encontrar la cookie usuario redirigimos a un entorno ssl.
RewriteCond %{http_cookie} !usuario=([^;]+)
RewriteRule ^(.*) http://www.turismopaco.com/PINTUREX/live/index.html
....
#SSL workaround for MSIE
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
ErrorLog /var/cache/apache2/cms.example.com-error_log
CustomLog /var/cache/apache2/cms.example.com-access_log common
</VirtualHost>
All more o less fine with this configuration.
Now I will delete the cache and probe the result.
One more question, I create the SSL-certificate-file with make-ssl-cert form
ssl-cert package, It's valid file for my producction site? Or we need buy a
file?
TIA.
--
View this message in context:
http://www.nabble.com/web.xml-in-ProxyPass-tp23096663p23422405.html
Sent from the Lenya - Dev mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
