I’ve successfully set up Silent SSO with an HTTP F5/Apache/Tomcat configuration. Now I’m considering the possibility of an HTTPS connection, but only when the logon page is displayed.

That is, if Silent SSO is successful, it will be HTTP all the way. But if Silent SSO is unsuccessful, or if the logon page is displayed for any reason, I’d like the connection to be redirected to an SSL site. Then once the connection is made, it is redirected back to the main site. Essentially, I want to encrypt the logon page but nothing else.

Has anyone successfully done this?

joepeters (BOB member since 2002-08-29)

I think you could do this using mod_rewrite.

http://webmasters.stackexchange.com/questions/49316/redirecting-one-page-to-https-and-all-others-back-to-http-isnt-working-as-expe

http://snipplr.com/view/4801/

thesnow (BOB member since 2011-08-10)

Thanks.

joepeters (BOB member since 2002-08-29)