Our of curiosity I just tried to invoke my JSPWiki Login.jsp page with
https vs http - it failed and here's what I got:
SSL received a record that exceeded the maximum permissible
length.
(Error code: ssl_error_rx_record_too_long)
The page you are trying to view can not be shown because the
authenticity of the received data could not be verified.
* Please contact the web site owners to inform them of this
problem.
I'm using port 80 and I started with http at the main prompt (prior to
invoking Login.jsp).
Do I have to arrange with my hosting service to activate SSL? Or is
there something else needed?
On Sat, 2009-03-21 at 18:33 +0200, Janne Jalkanen wrote:
> Cookie/sessionwise that should be fine (as long as you are running in
> the standard ports and you start first with http before switching to
> https).
>
> Andrew, any chance you could have a writeup on this common scenario at
> doc.jspwiki.org?
>
> /Janne
>
> On 21 Mar 2009, at 16:22, Wyllys Ingersoll wrote:
>
> >
> > Does JSPWiki get confused by having both SSL and non-SSL access to
> > the wiki?
> >
> > For example, my main site URL is: http://foo.bar.com
> > I want to secure the Login page so passwords are not passed around
> > in the clear, so
> > my login happens at https://foo.bar.com/Login.jsp?redirect=Main
> >
> > Once the users are logged in, I would prefer to switch them back to
> > a non-SSL
> > connection. Is this possible to do without confusing JSPWiki and
> > losing track
> > of the session and logged-in information?
> >
> > thanks,
> > Wyllys
> >
> >
