forceSSL in fusiondirectory.conf doesn't work
forceSSL in fusiondirectory.conf doesn't work
During FD setup, I checked the "Enforce encrypted connections" option. Now I have forceSSL="True" in /etc/fusiondirectory/fusiondirectory.conf But when going to the configuration tab in FD, the option "Enforce encrypted connections" is unchecked. And I can use either http and https to browser FD.
(from redmine: issue id 2669, created on 2013-08-23, closed on 2013-09-11)
- Changesets:
- Revision 7fffb19e by Côme Chilliet on 2013-08-23T18:14:43.000Z:
Fixes: #2669 forceSSL doesn't work- Revision 99730237 by Côme Chilliet on 2013-08-23T18:15:13.000Z:
Fixes: #2669 forceSSL doesn't work- Revision f43807f8 by Côme Chilliet on 2013-09-04T12:21:47.000Z:
Fixes: #2669 SSL check in password recovery was in the wrong place- Revision 2324652a by Côme Chilliet on 2013-09-04T12:22:06.000Z:
Fixes: #2669 SSL check in password recovery was in the wrong place- Custom Fields:
- Bug in version: 1.0.6
- Uploads:
Activity
With this the check should be done on each page. I also put the forceSSL value into the LDAP config in the setup. But I've let it in the fusiondirectory.conf, because I feel like it should still be global if a user checks it in the setup and then have several LDAP configured… But maybe I'm wrong and it will be too confusing have two values that can differ :-/ I'm not sure about this.
Anyway the patch needs to be heavily tested.
(from redmine: written on 2013-08-23)
By Côme Chilliet on 2017-09-02T15:03:45 (imported from GitLab)
Ok, tested the patch, enforcing SSL now works on other pages than the login page.
But I still have the "Enforce encrypted connections" unchecked in my Configuration tab. Not sure if it was intended.
(from redmine: written on 2013-08-23)
By jlgrall on 2017-09-02T15:03:45 (imported from GitLab)
added Fixed fusiondirectory-core and removed Bugs labels
By bmortier on 2019-01-11T16:43:49 (imported from GitLab)
