HTTPS when Logging Into Redmine?

Added by Calvin Cheng about 10 years ago

Hi Guys,

I have been using redmine for our team's projects for some time and so far so good...
Recently switched to bleeding edge and it is surprisingly stable for a bleeding edge implementation.
Also started using Git (instead of SVN) and I am really glad it all worked out.
Much thanks to JPLang's great code and Thomas' assistance once in a while.

I am wondering about just 1 more issue. Is it possible to configure my redmine install so that for the LOGIN (i.e. when a user logs in), https is used for that brief moment when username and passwords are being transmitted across the internet?

I do this with regularity for my PHP-based sites and was wondering how easy/difficult it would be to modify ruby to do the same.

Regards,
Calvin

Replies (2)

RE: HTTPS when Logging Into Redmine? - Added by Thomas Lecavelier about 10 years ago

Hi Calvin,

Glad to see you here.

The easiest way to achieve your goal, you have to configure your proxy to handle the SSL port (http is just a transport protocol, ruby and rails just create the content: it's you're web server that decide how to serve your clients). So it could not be very different from your php way to do.

RE: HTTPS when Logging Into Redmine? - Added by Calvin Cheng about 10 years ago

Hi Thomas,

What I meant was where I could possibly modify the ruby code so that it points to https for a brief moment before switching back to http again when the 'submit' button is being pressed.

As an example: If I write a form tag in html, that would mean that my post url points to "https://".$_SERVER['PHP_SELF']."/login.php" and when login.php authenticates me, I will be brought into the site with url http://mysite.com

As far as the apache directives for the virtualhost for the https is concerned, I have already configured them correctly. :)

So my question is actually regarding where exactly to modify the ruby login script to do this...

Regards,
Calvin

(1-2/2)