On 10/5/05, Martin Matusiak <[EMAIL PROTECTED]> wrote:
> I need a way to check whether the current servlet was accessed through https
> or not. If not, I want to rewrite the url to https and inform the user. How
> can I check this?
>
> I'm using webware 0.8.
Here is what I do in one of my apps: In SitePage, which is the
ancestor class of all my pages, I have:
class SitePage(Page):
requiredProtocol = 'http://' # subclasses could override to be
'https://'. logic in _respond() does the right thing
then in particular servlets, I say:
class Dashboard(SitePage):
requiredProtocol = 'https://'
The code that enforces this is in SitePage and follows. "It works for
me." Also, Christoph's technique of checking the port looks
interesting as it removes the reliance on SCRIPT_URI which on older
versions of Apache (I don't know about newer ones) only exists if
mod_rewrite is on.
def _respond(self, trans):
req = self.request()
uri = req.environ().get('SCRIPT_URI', None)
if uri is not None: # SCRIPT_URI is not standard. typically
provided by mod_rewrite
if self.isProduction: # typically only prod has
https:// working
if req.method()!='POST': # there's no way to
redirect a user
agent to POST to diff URL
if not
uri.startswith(self.requiredProtocol) and not
uri.lower().startswith(self.requiredProtocol):
# okay, the URI is *not* using
the required protocol. fix it:
qs = req.queryString()
qs = qs and '?'+qs or ''
uri = self.requiredProtocol +
uri.split('://', 1)[1] + qs
uri = uri.replace('/www.', '/')
# SCRIPT_URI seems to always
include the host name, but at SA we do the opposite
self.response().sendRedirect(uri)
return
Page._respond(self, trans)
-Chuck
-------------------------------------------------------
This SF.Net email is sponsored by:
Power Architecture Resource Center: Free content, downloads, discussions,
and more. http://solutions.newsforge.com/ibmarch.tmpl
_______________________________________________
Webware-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/webware-discuss
