ranxero Posted January 5, 2004 Share Posted January 5, 2004 I have a strange problem that I don't understand: I set up SSL with Apache webserver and oscommerce-2.2ms2 catalog and admin residing on the same server. It works fine for catalog and admin panel. now I want to add a login to the admin panel with .htaccess which works fine as well - JUST: when I access http://myserver/admin/ and login via the browser and after wards click on a link that points to maybe https://myserver/admin/configuration I have to login again and vice versa, that means first access panel via SSL then click on a non SSL link I have to login again. I always have to login twice. I fummbled around a lot but couldn't figure it out. I paste in the .htaccess, the admin configure and catalog configure. maybe someone would care to have a look or knows right away ?! thanks in advance ############### .htaccess file ##################### <IfModule mod_setenvif.c> <IfDefine SSL> SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 </IfDefine> </IfModule> DirectoryIndex default.php index.php index.htm index.html AuthUserFile "c:/somewhere/dir/Apache/htdocs/.htpasswd" AuthType Basic AuthName "Admin" require valid-user Options Indexes FollowSymlinks MultiViews ############### admin configure.php ##################### define('HTTP_SERVER', 'http://myhost'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://myhost'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_CATALOG_SERVER', 'http://myhost'); define('HTTPS_CATALOG_SERVER', 'https://myhost'); define('ENABLE_SSL_CATALOG', true); // secure webserver for catalog module define('DIR_FS_DOCUMENT_ROOT', 'C:/somewhere/dir/Apache2/htdocs'); // where your pages are located on the server. if $DOCUMENT_ROOT doesnt suit you, replace with your local path. (eg, /usr/local/apache/htdocs) define('DIR_WS_ADMIN', '/fphstore/admin/'); define('DIR_FS_ADMIN', DIR_FS_DOCUMENT_ROOT . DIR_WS_ADMIN); define('DIR_WS_CATALOG', '/fphstore/fphstore/'); define('DIR_FS_CATALOG', DIR_FS_DOCUMENT_ROOT . DIR_WS_CATALOG); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/'); define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/'); define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/'); // define our database connection define('DB_SERVER', 'localhost'); // eg, localhost - should not be empty for productive servers define('DB_SERVER_USERNAME', ''); define('DB_SERVER_PASSWORD', ''); define('DB_DATABASE', 'my_datasource'); define('USE_PCONNECT', 'false'); // use persistent connections? define('STORE_SESSIONS', ''); // leave empty '' for default handler or set to 'mysql' ############### catalog configure.php ##################### define('HTTP_SERVER', 'http://myhost'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://myhost'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', '/fphstore/fphstore/'); define('HTTPS_COOKIE_DOMAIN', '/fphstore/fphstore/'); define('HTTP_COOKIE_PATH', '/fphstore/fphstore/'); define('HTTPS_COOKIE_PATH', '/fphstore/fphstore/'); define('DIR_WS_HTTP_CATALOG', '/fphstore/fphstore/'); define('DIR_WS_HTTPS_CATALOG', '/fphstore/fphstore/'); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/'); define('DIR_FS_CATALOG', '/fphstore/fphstore/'); define('DIR_FS_DOWNLOAD', 'give/'); define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/'); // define our database connection define('DB_SERVER', 'localhost'); // eg, localhost - should not be empty for productive servers define('DB_SERVER_USERNAME', ''); define('DB_SERVER_PASSWORD', ''); define('DB_DATABASE', 'my_datasource'); define('USE_PCONNECT', 'false'); // use persistent connections? define('STORE_SESSIONS', ''); // leave empty '' for default handler or set to 'mysql' Link to comment Share on other sites More sharing options...
♥kymation Posted January 5, 2004 Share Posted January 5, 2004 Your first login is to http://myserver/admin/ which is a non-secure link. Change this to https://myserver/admin/ and you should be fine. Also, https://myserver/admin/ and https://www.myserver/admin/ are considered different sites and will require you to log in twice. You actually have to log in for every request, but your browser remembers your username and password and sends it for you, as long as it thinks that you are on the same site. Regards Jim See my profile for a list of my addons and ways to get support. Link to comment Share on other sites More sharing options...
ranxero Posted January 6, 2004 Author Share Posted January 6, 2004 maybe I don't understand your answer or I didn't explain the problem well enough. situation: catalog and admin on same server SSL working fine for both. >Your first login is to http://myserver/admin/ which is a non-secure link. Change >this to https://myserver/admin/ and you should be fine I use the https url to access admin panel at first. of course I have to login then. when I'm logged in and I click an a non SSL link I have to login again. Is there any way to avoid that? anyway thanks for your effort regards Christian Link to comment Share on other sites More sharing options...
♥kymation Posted January 6, 2004 Share Posted January 6, 2004 Sorry, I misunderstood the problem. You need to change the configure.php for your admin side to have only the secure form of the address. That is, both the HTTP_SERVER and HTTPS_SERVER need to be set to https://myserver/admin/. Regards Jim See my profile for a list of my addons and ways to get support. Link to comment Share on other sites More sharing options...
Guest Posted January 6, 2004 Share Posted January 6, 2004 in your configure.php file, line 1 shows you should be logging into http://myhost which should only require one login. sometimes, depending upon what you have setup in your httpd.conf file, it may require you two times of connecting. it is more annoying than anything else, if you want to troubleshoot, have at it, else live with it. it isnt a function of osCommerce, it is a function of your server and how you have htaccess etup Link to comment Share on other sites More sharing options...
ranxero Posted January 7, 2004 Author Share Posted January 7, 2004 thanks Jim, didn't make myself very clear in the first place - sorry. what you propose sounds like a good idea. will try that one. thanks Christian Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.