ssl_required being ignored?

rubyonrails-talk
1

Hi everyone! I want to require SSL for a single action in one of my controllers (for logging in, and sending a password).

Working off of the skateboard book, I have added: include SslRequirement to my application controller, and then in the login controller, I have added the line: ssl_required :login

This does not give me any errors, but it does not redirect me to https either. It simply acts like it did before I added those two lines. What have I missed?

I believe ssl is working on my server, as I can actually change any address in my app to https instead of http, and it works fine, but it seems to be ignoring the ssl_required line. Here is a taste of what I've got:

class LoginController < ApplicationController   ssl_required :login   before_filter :authorize, :except => [:login, :index]   layout 'public'

  def login     ...   end

  ... end

Any help would be greatly appreciated. Hopefully I've just missed something simple, but as I said, I'm using the example posed in the skateboard book, and it seems to be just that simple. Thank you!

2

Hi,

Hi everyone! I want to require SSL for a single action in one of my controllers (for logging in, and sending a password).

Working off of the skateboard book, I have added: include SslRequirement to my application controller, and then in the login controller, I have

added the line: ssl_required :login

This does not give me any errors, but it does not redirect me to https either. It simply acts like it did before I added those two lines. What have I missed?

I believe ssl is working on my server, as I can actually change any address in my app to https instead of http, and it works fine, but it seems to be ignoring the ssl_required line. Here is a taste of what I’ve got:

class LoginController < ApplicationController ssl_required :login before_filter :authorize, :except => [:login, :index] layout ‘public’

def login … end

end

Any help would be greatly appreciated. Hopefully I’ve just missed something simple, but as I said, I’m using the example posed in the skateboard book, and it seems to be just that simple. Thank you!

You could try making all actions require ssl by adding the following to your application.rb

protected def ssl_required? true end

I actually use the following in my code, so it does not require ssl when I’m in the development or test environment.

protected def ssl_required?

ENV[“RAILS_ENV”] == “production”

end