[SAC] Switching all Logins to SSL

Alex Mandel tech_dev at wildintellect.com
Fri Aug 12 15:48:56 EDT 2011


Having worked with SSL and HTTPS on my own servers now, I think I've come
up with a semi-decent idea to help secure OSGeo username/passwords a
little more.

We could implement SSL/HTTPS for all logins.
How does this differ from the current situation?
Well, on Trac, login is only over SSL if you choose to visit the site at
https. Some people have stated that for speed purposes they need to be
able to work authenticated but under http. So what I'm proposing is to
redirect only the login links to https.

trac.osgeo.org (Wildcard match */login)
wiki.osgeo.org (Yes I know this isn't OSGeo LDAP, yet)
etc (I'm sure I missed some other services)

Note, this idea has already been done on osgeo.org and only requires a
small adjustment to Apache vhost files.

Should be fairly easy to implement and I think will make a few of our
users happy, and protect a great many more who don't even realize it.

Thanks,
Alex
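
An added illustration of the redirect proposed above, not part of the original message and not OSGeo's actual configuration: a port-80 Apache vhost for trac.osgeo.org that sends only `*/login` requests to HTTPS. It assumes mod_rewrite is enabled and that an HTTPS vhost for the same hostname already exists; the regular expression is a constructed reading of the post's "*/login" wildcard.

```apache
# Plain-HTTP vhost: everything stays on http except login URLs.
<VirtualHost *:80>
    ServerName trac.osgeo.org

    RewriteEngine On

    # Only act on requests that are not already encrypted.
    RewriteCond %{HTTPS} !=on

    # Match /login and /<project>/login (optional trailing slash),
    # but not paths that merely start with "login" such as /loginhelp.
    # The original query string is carried over automatically because
    # the substitution contains no "?".
    # 302 while testing; change to 301 once the behaviour is confirmed.
    RewriteRule ^/(.*/)?login/?$ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L]
</VirtualHost>
```

This protects the credential submission only; with users continuing to browse authenticated over http, the session cookie issued at login still crosses the network unencrypted on later requests.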

