Ernst has just posted his code for an ssl interceptor he just created. It looks awesome so take a look for yourself.
Blog
Recent Entries
TestBox Latest Updates and News!
We’re thrilled to have launched the new TestBox website and TestBox 6.0! If you haven’t had a chance to explore yet, visit TestBox to discover updated documentation, powerful resources, and features that make testing more efficient than ever.
Maria Jose Herrera
Maria Jose Herrera
November
21,
2024
Is Your ColdFusion Application Ready for the Future?
In a rapidly evolving digital world, maintaining performance, security, and scalability for ColdFusion applications is more challenging than ever. Whether you're using Lucee or Adobe ColdFusion, legacy systems can become a bottleneck for growth, innovation, and user satisfaction. The need to future-proof your ColdFusion applications has never been more critical.
But where do you start?
The Hidden Costs of an Outdated ColdFusion Application
As you...
Cristobal Escobar
Cristobal Escobar
November
21,
2024
The Hidden Costs of In-House Database Management
The Hidden Costs of In-House Database Management
Opting for in-house database management involves more than just a salary. Here are some often-overlooked costs associated with maintaining your own DBA team.
1. High Salaries and Benefits
Hiring skilled DBAs is expensive. According to industry reports, the average salary of a DBA in the U.S. can range from $85,000 to over $130,000 per year, depending on experience and expertise. When you add ...
Cristobal Escobar
Cristobal Escobar
November
20,
2024
Add Your Comment
(4)
Jan 19, 2008 23:50:35 UTC
by Rob Gonda
It's missing some functionality ... how does it know which event has to be secured? It should secure only specific events, and force unsecured requests for the rest. something like if not isSsl and requireSll then cflocate to https if isSsl and not requireSll then cflocate to http
Jan 19, 2008 23:54:53 UTC
by Luis Majano
That is up to Ernst, but I think its a good start.
Jan 21, 2008 16:01:48 UTC
by Ernst van der Linden
Rob you're right. We could implement that. Just make a list of allowed events without SSL as a property in interceptor xml definition and then check with event.getCurrentEvent() if we need SSL. I will take a look and keep you informed.
Jan 21, 2008 17:47:57 UTC
by Ernst van der Linden
Rob, I made in new blog entry. The SSL interceptor now supports SSL for specific events. Comments are welcome!