By Peter Bell

Snippets: SSL and the front controller

Posted At : July 26, 2006 8:14 PM | Posted By : Peter Bell
Related Categories: snippets, Building The Framework

This is just a simple but useful snippet for managing the https status of various page requests being handled by a front controller based on some kind of action variable.

I'm not really a syntax guru, and I have heard there can be "gotchas" using cflocation, but this seems to work fine for me. Keep an eye out for the usual SSL gotchas: any resources with absolute non-https links (style sheets, images, javascript files, flash movies, etc) and forms going from secure action to non-secure action. Both will pop up warning boxes that your users won't like to see . . .

Only things to note in the code:

SSLActionList is comma delimited list of actions (login, viewproducts, etc.) that require an SSL connection
Input.get(‘action') is just how I access the input scope (URL + form scopes with form values taking precedence over URL ones) via an intelligent generic getter in my base bean and an input object that I use to handle validation of all user input.

Comments (0) | Print | del.icio.us | Linking Blogs

Comments

There are no comments for this entry.

[Add Comment]

Enter your email address to subscribe to this blog.

Developer Circuit

Calendar

Sun	Mon	Tue	Wed	Thu	Fri	Sat
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31

Archives By Subject

Active Data Modeling (2) [RSS]
Agile Development (22) [RSS]
AJAX (4) [RSS]
AOP (4) [RSS]
Apollo (1) [RSS]
Application Generation (127) [RSS]
BDD (4) [RSS]
Blogging (1) [RSS]
Book Reviews (3) [RSS]
Building The Framework (66) [RSS]
Business (4) [RSS]
Business Development (14) [RSS]
Calendar (3) [RSS]
CF Eclipse (2) [RSS]
CF Template (7) [RSS]
Code Generation (21) [RSS]
ColdFusion (70) [RSS]
conferences (81) [RSS]
Configuration (1) [RSS]
Consulting (6) [RSS]
Content Management (2) [RSS]
Controllers (20) [RSS]
CSS (10) [RSS]
Custom Data Types (2) [RSS]
DAO (7) [RSS]
Delta Driven Development (1) [RSS]
Dependency Injection (34) [RSS]
Design Patterns (175) [RSS]
Domain Driven Design (2) [RSS]
Domain Specific Languages (41) [RSS]
Domain Specific Modeling (7) [RSS]
Dynamic Programming (2) [RSS]
E-commerce (15) [RSS]
Efficiency (1) [RSS]
Error Handling (0) [RSS]
Essays (2) [RSS]
Factories (1) [RSS]
Flex (8) [RSS]
Forms (4) [RSS]
Frameworks (25) [RSS]
Front End (5) [RSS]
Functional Programming (1) [RSS]
Fusebox (1) [RSS]
Future (1) [RSS]
Grammar (2) [RSS]
Graphic Design (1) [RSS]
Hosting (8) [RSS]
Humor (1) [RSS]
i18n (1) [RSS]
IBO (11) [RSS]
Imports (1) [RSS]
Installation (1) [RSS]
Intent Driven Design (3) [RSS]
JavaScript (9) [RSS]
jQuery (2) [RSS]
Language Oriented Programming (4) [RSS]
Languages (20) [RSS]
Layout Design (2) [RSS]
LightWire (51) [RSS]
Lists (1) [RSS]
Mac (5) [RSS]
Marketing (5) [RSS]
Metadata (2) [RSS]
Metaprogramming (2) [RSS]
Misc (154) [RSS]
Multi tenant Systems (1) [RSS]
ODL (2) [RSS]
OO 101 (6) [RSS]
OO Architecture (3) [RSS]
ORM (28) [RSS]
Pages (3) [RSS]
People (6) [RSS]
Performance (1) [RSS]
Podcast (2) [RSS]
Presentations (17) [RSS]
Pricing (3) [RSS]
Programming Languages (3) [RSS]
Project Management (3) [RSS]
Quotes (1) [RSS]
Rails (1) [RSS]
Rants (5) [RSS]
Reporting (1) [RSS]
Requirements (1) [RSS]
REST (2) [RSS]
Ruby (2) [RSS]
Scopes (1) [RSS]
Search (4) [RSS]
Search Engine Optimization (1) [RSS]
Security (3) [RSS]
snippets (9) [RSS]
Software Product Line (8) [RSS]
Solo Development (1) [RSS]
Speaking (1) [RSS]
Specification (8) [RSS]
SQL (1) [RSS]
Subversion (5) [RSS]
SystemsForge (1) [RSS]
TDD (11) [RSS]
Testing (13) [RSS]
To Ponder (6) [RSS]
Travels (5) [RSS]
Useful Sites (1) [RSS]
User Interface (2) [RSS]
Value Lists (1) [RSS]
Venture Capital (10) [RSS]
Versioning (2) [RSS]
Views (5) [RSS]
Virtualization (1) [RSS]
Wiki (1) [RSS]
XML (17) [RSS]
XSD (4) [RSS]