Hi- I am trying to ensure that all login requests come through https url's (are encrypted). I know I can edit the code in the login controller to do this, but by the time we get there apparently work has already happened (we have already logged in, identity always seems to be set). I am assuming there is some kind of filter in front of all requests that handles the login stuff and forwards to login.
So I was wondering what is the best way to make sure that all login requests are coming from ssl sources? Should I add another filter? Is there a built in way to manage this? Once logged in the whole site will be open, before that only a few pages (not behind identity management will be open). Ideas? Jeers? James --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/turbogears?hl=en -~----------~----~----~----~------~----~------~--~---
