WebFaction
Community site: login faq

I have an e-commerce website in Django that needs a few requests posted over ssl. So following the topic here, I seem to have to host my django application on two website records, one for HTTP, and one for HTTPS, then foward the requests in http website that need encryption to https one.

I want to let the user login only through ssl. So I will lead the user to the https website to let them login. Maybe the users navigate back to the http webiste sometime later. I hope at that time, the http website is aware that the user logged in through https before. How can I do that? Or I don't have to do anything because the server can take care of that? I ask this because I have the feeling that with two separate websites, they use different cookies and the two websites aren't aware of each other's authentication.

asked 26 Nov '11, 22:11

Georgie Poorgie
123
accept rate: 0%

edited 26 Nov '11, 22:13


If both HTTPS and HTTP sites use the same app and domain, they should be able to access the same cookies.

So, the best way to accomplish this would be to set the authentication cookie only when the user logs in through HTTPS and if he does not have it, redirect them to back to the HTTPS site.

permanent link

answered 26 Nov '11, 23:26

neeravk
1.5k3412
accept rate: 41%

If I have two different apps of the same kind (i.e two PHP apps) shouldn't be enough the same domain to share cookies between http and https? In this way I could keep separate also physically http and https and have different sets of pages on them and on http part only check if a session variable or a permanent cookie is already set in order to redirect to https part. Is it correct? Or different PHP apps set different sessions identifiers even if they are on the same domain?

(05 Mar '12, 06:12) robertotra

2 different apps typically use different cookies, the right way to manage which URLs are on https and which are not is with a PHP app is with .htaccess rules.

(05 Mar '12, 17:12) johns
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×909
×93
×75

question asked: 26 Nov '11, 22:11

question was seen: 2,997 times

last updated: 05 Mar '12, 17:12

WEBFACTION
REACH US
SUPPORT
AFFILIATE PROGRAM
LEGAL
© COPYRIGHT 2003-2019 SWARMA LIMITED - WEBFACTION IS A SERVICE OF SWARMA LIMITED
REGISTERED IN ENGLAND AND WALES 5729350 - VAT REGISTRATION NUMBER 877397162
5TH FLOOR, THE OLD VINYL FACTORY, HAYES, UB3 1HA, UNITED KINGDOM