Login & SSL

[mark27uk3]

Hi Guys,

 

I have already done a search and turned up not a lot (probably me using the wrong search terms again)

 

I have been running my store with the PWA contribution now for a long time and have now added the sppc contrib which requires the use of the create account and login files.

 

The problem is that after the customer has logged in the whole site becomes secure starting with the redirect back to the index.php

 

This has probably been discussed before so if anyone can provide a solution or a pointer in the right direction then I would be grateful.

 

Thanks

 

Mark

[satish]

Hi Guys,

 

I have already done a search and turned up not a lot (probably me using the wrong search terms again)

 

I have been running my store with the PWA contribution now for a long time and have now added the sppc contrib which requires the use of the create account and login files.

 

The problem is that after the customer has logged in the whole site becomes secure starting with the redirect back to the index.php

 

This has probably been discussed before so if anyone can provide a solution or a pointer in the right direction then I would be grateful.

 

Thanks

 

Mark

 

 

Can you provide your site URL as whatever you have stated is not very clear.

 

 

Satish Mantri

[mark27uk3]

Is anyone else able to shed some light on this.

 

To recap the problem is that after logging in the user is directed back to index.php but it is HTTPS not HTTP.

 

Any thoughts would be appreciated.

 

Thanks

 

Mark

[AlanR]

Is anyone else able to shed some light on this.

 

To recap the problem is that after logging in the user is directed back to index.php but it is HTTPS not HTTP.

That's the way it should be.

 

The next page after a private customer page is https. That's to avoid warnings about leaving a secure page immediately after log in. As long as the next clicks lead to http pages all is normal.

[mark27uk3]

Well surely there has to be a way around it.

 

The only reason why I need this to change is because I run the sppc contrib and I use the PWA contrib for retail customers who do not need to login.

 

Mark

[Guest]

Hi

 

I have a problem with the redirect back to index.

Cooud you take a look at my post and tell me if we have the same problem?

 

http://www.oscommerce.com/forums/index.php?act=ST&f=11&t=198090

 

Thanks!

[mark27uk3]

Hi Hugues,

 

No unfortunately this is not the same problem as I am experiencing.

 

My problem is that when the customer logs in they are redirected to the index.php page which is HTTPS (secure) and should be just HTTP

 

I am think about adding an extra page in to redirect to and then auto redirect back to the index page.

 

If anyone has any suggestions or thoughts on this then please let me know.

 

Thanks

 

Mark

[Guest]

I've seen this few times. It may happen if you have some redirection in .htaccess explicit for HTTPS or if you have a link with the SSL parameter passed to the tep_href_link function. (or if some other code forces everything to be SSL) Look in application_top.php and in html_output.php

[mark27uk3]

Hi Mark,

 

I have had a look in those files (and to be honest I am not sure what I am looking for).

 

I have noticed one thing however, if I try to login from

 

https://www.mydomain.com/login.php

 

it throws back an error that no email addy/password were found but the login details work perfectly fine with the normal http:

 

Does this narrow the problem down any??

 

Weird?!

 

Mark

[Guest]

change the ssl to regular access as a test in the configure.php

define('ENABLE_SSL', false); // secure webserver for checkout procedure?

 

then make sure everything works, this at least will narrow it to the SSL path (and/or if you maintain different directories for the osc files between SSL/NONSSL like httpdocs and httpsdocs some servers have)