Announcement Announcement Module
Collapse
No announcement yet.
ACEGI Security Roles Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • ACEGI Security Roles

    I am having difficulties with setting up Http and Https channels for a web page.

    I set
    /xxxx.html=ROLE_ANONYMOUS

    /xxxx.html=REQUIRES_INSECURE_CHANNEL for that page, I can access the page using http channel but not via https channel.

    Any guidance would be greatly appreciated
    Thanks!

  • #2
    Isn't that the behaviour you expect? REQUIRES_INSECURE_CHANNEL implies http only?

    Comment


    • #3
      Is there any other option beyond REQUIRES_INSECURE_CHANNEL and REQUIRES_SECURE_CHANNEL?

      Where I can I see all the options?

      Thanks,
      Daniel.

      Comment


      • #4
        Originally posted by Daniel
        Is there any other option beyond REQUIRES_INSECURE_CHANNEL and REQUIRES_SECURE_CHANNEL?

        Where I can I see all the options?

        Thanks,
        Daniel.
        Since encryption is either on or off, and the strength, algorithms etc are defined at the protocol level, the only options are the two you've given. The alternative is to specify nothing, in which case there is no preference and the access can take place over either HTTP or HTTPS.

        The string options are properties of the respective processor classes. You can see the code here:

        http://acegisecurity.sourceforge.net...e-summary.html

        Comment

        Working...
        X