You are viewing a plain text version of this content. The canonical link for it is here.

Posted to jetspeed-dev@portals.apache.org by gg...@apache.org on 2002/10/23 19:16:04 UTC

cvs commit: jakarta-jetspeed/src/java/org/apache/jetspeed/util/template BaseJetspeedLink.java ContentTemplateLink.java

ggolden     2002/10/23 10:16:04

  Modified:    src/java/org/apache/jetspeed/util/template
                        BaseJetspeedLink.java ContentTemplateLink.java
  Log:
  Added a site level setting option to force all Jetspeed created links to be secure.
  
  To extend Turbine's "use.ssl" for links, we can now include in the
  TurbineResources.properties or JetspeedResources.properties:
  
  force.ssl=true
  
  If this is done, all links made with the JetspeedLink (i.e. $jlink in velocity)
  or the ContextTemplateLink (i.e. $clink in velocity) will be forced to use ssl
  (https).
  
  "use.ssl" must be set to true else the force.ssl will be ignored.
  
  If missing, this defaults to "false".
  
  Revision  Changes    Path
  1.16      +7 -1      jakarta-jetspeed/src/java/org/apache/jetspeed/util/template/BaseJetspeedLink.java
  
  Index: BaseJetspeedLink.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/util/template/BaseJetspeedLink.java,v
  retrieving revision 1.15
  retrieving revision 1.16
  diff -u -r1.15 -r1.16
  --- BaseJetspeedLink.java	17 Aug 2002 00:02:24 -0000	1.15
  +++ BaseJetspeedLink.java	23 Oct 2002 17:16:04 -0000	1.16
  @@ -937,6 +937,12 @@
           if (uri == null)
               uri = new DynamicURI( rundata);
           
  +        // check if we need to force to a secure (https) link
  +        if (JetspeedResources.getBoolean("force.ssl", false))
  +        {
  +            uri.setSecure();
  +        }
  +
           return uri;
       }
       
  
  
  
  1.6       +16 -1     jakarta-jetspeed/src/java/org/apache/jetspeed/util/template/ContentTemplateLink.java
  
  Index: ContentTemplateLink.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/util/template/ContentTemplateLink.java,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- ContentTemplateLink.java	3 Jan 2002 19:00:47 -0000	1.5
  +++ ContentTemplateLink.java	23 Oct 2002 17:16:04 -0000	1.6
  @@ -58,6 +58,7 @@
   import org.apache.turbine.util.RunData;
   import org.apache.turbine.util.DynamicURI;
   import org.apache.turbine.services.pull.ApplicationTool;
  +import org.apache.jetspeed.services.resources.JetspeedResources;
   
   /**
    * A customized version of the DynamicURI for linking to non-servlet
  @@ -91,6 +92,7 @@
       public ContentTemplateLink (RunData data)
       {
           super(data);
  +        initForceSecure();
           initContextPath(data);
       }
   
  @@ -104,6 +106,7 @@
       public void init(Object data)
       {
           super.init((RunData)data);
  +        initForceSecure();
           initContextPath(data);
       }
   
  @@ -127,6 +130,18 @@
                * null.
                */
               contextPath = "";
  +        }
  +    }
  +
  +    /**
  +     * Inits the force secure setting.
  +     */
  +    protected void initForceSecure()
  +    {
  +        // check if we need to force to a secure (https) link
  +        if (JetspeedResources.getBoolean("force.ssl", false))
  +        {
  +            setSecure();
           }
       }
   
  
  
  

--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>

RE: cvs commit: jakarta-jetspeed/src/java/org/apache/jetspeed/util/template BaseJetspeedLink.java ContentTemplateLink.java

Posted by David Sean Taylor <da...@bluesunrise.com>.


> -----Original Message-----
> From: ggolden@apache.org [mailto:ggolden@apache.org]
> Sent: Wednesday, October 23, 2002 10:16 AM
> To: jakarta-jetspeed-cvs@apache.org
> Subject: cvs commit:
> jakarta-jetspeed/src/java/org/apache/jetspeed/util/template
> BaseJetspeedLink.java ContentTemplateLink.java
> 
> 
> ggolden     2002/10/23 10:16:04
> 
>   Modified:    src/java/org/apache/jetspeed/util/template
>                         BaseJetspeedLink.java ContentTemplateLink.java
>   Log:
>   Added a site level setting option to force all Jetspeed created 
> links to be secure.
>   
>   To extend Turbine's "use.ssl" for links, we can now include in the
>   TurbineResources.properties or JetspeedResources.properties:
>   
>   force.ssl=true
>   
>   If this is done, all links made with the JetspeedLink (i.e. 
> $jlink in velocity)
>   or the ContextTemplateLink (i.e. $clink in velocity) will be 
> forced to use ssl
>   (https).
>   
>   "use.ssl" must be set to true else the force.ssl will be ignored.
>   
>   If missing, this defaults to "false".
>   

Very cool.

Have you found any other issues with SSL...

I imagine we have to do the same for JSP now?


--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>