On Tue, 2009-10-27 at 07:58 +0200, Jani Tiainen wrote:
> I'm trying to get Django to make authentication (namely username +
> password) to be transferred over HTTPS. But rest of the site is still on
> plain old HTTP.
>
> How this can be done? I've very little success and google didn't gave
> m
Good point on the psycho part. And my mistake, I saw a page once where the
inline from submit was just SSL and I was thinking about that.
The answer partially rests on your webserver, because Django itself (as far
as I know) doesn't distinct between the two. An approach could be to have
your w
Technically yes.
From psychological point you need to provide SSL for login screen
already so end user gets visual feedback that he's in secure transaction
and certificate is validated.
So yes, it should be "secure login" page, that forwards user back to
nonsecure pages after login is succes
I think that technically only your form submit should be posted to a SSL
based url and the rest doesn't have to. Which shouldn't be so hard. Just
setup the 'post to' url in the template (under: form action="" ) or define
in the view method where the form is initiated just before rendering.
Thi
I'm trying to get Django to make authentication (namely username +
password) to be transferred over HTTPS. But rest of the site is still on
plain old HTTP.
How this can be done? I've very little success and google didn't gave
much of help either.
I'm using Apache 2.2 with mod_wsgi and I've to
5 matches
Mail list logo
