CA5220C0E84D4A71AE4F44BD52FD9E06
  • RedDot CMS Blog
  • 03.01.2020
  • EN

rdb: RedDot LiveServer SSL switch

That has already been posted inside the comment of an older project but I thought this would be useful as an own post because it shows very good how to create a switch for SSL within the Open Text Websolutions Delivery Server 9.
 

HTTP to HTTPS switch and vice versa using RedDot LiveServer Delivery Server dynaments

<reddot:cms>  
  <if>  
    <query valuea="Context:CurrentRenderMode" operator="==" valueb="Int:2">  
      <if>  
      <query valuea="Context:CurrentPage.Elements.GetElement(opt_secure).GetHtml()" operator="==" valueb="String:ssl">  
        <htmltext>  
          <rde-dm:attribute mode="condition" source="request" attribute="rdeServletServer" op="contains" value="80">  
            <rde-dm:process mode="redirect" url="[#request:rdeHttpsServer#]/[#request:rdeCurrentXmlId#]" status="301" />  
            </rde-dm:attribute>  
          </htmltext>  
        </query>  
        <query type="else">  
          <htmltext>  
            <rde-dm:attribute mode="condition" source="request" attribute="rdeServletServer" op="contains" value="443">  
              <rde-dm:process mode="redirect" url="[#request:rdeHttpServer#]/[#request:rdeCurrentXmlId#]" status="301" />  
            </rde-dm:attribute>  
          </htmltext>  
        </query>  
      </if>  
    </query>  
  </if>  
</reddot:cms>  

 

How it works

  • Add an option list element opt_secure to your MasterPage template and add an empty option labelled “default” for non-secure pages and a value labelled “Secure page” with the value “ssl” to your RedDot CMS template I wont say Web Solutuions Management Server template this time. funny
  • This line makes sure, that your code is only executed on the published page, to know more about that take a look on one of my older posts
    <query valuea="Context:CurrentRenderMode" operator="==" valueb="Int:2">
  • This line checks if the page should be in SSL mode or not
    <query valuea="Context:CurrentPage.Elements.GetElement(opt_secure).GetHtml()" operator="==" valueb="String:ssl">
  • This tests if the URL contains the port 80 (also in port 8080) and then
    <rde-dm:attribute mode="condition" source="request" attribute="rdeServletServer" op="contains" value="80">
  • Here the visitor is forwarded to the same page in SSL mode and the HTTP header 301 as “permanantly moved” is added
    <rde-dm:attribute mode="condition" source="request" attribute="rdeServletServer" op="contains" value="80">  

 

This is no one way street

The redirect works in both directions so that you can switch easily from HTTP to HTTPS or when you already are in SSL mode back from HTTPS to HTTP. Questions?

 

Discussion

Nice solution if the Delivery Server is exposed to the Internet.
I had a similar ssl/non-ssl issue to solve recently and have used an Apache mod_rewrite approach.

port 80 config width:

RewriteCond %{REQUEST_URI} ^/cps.*-ssl.html [NC]
RewriteRule ^/(.*)$ https://my.website.de/$1 [NE,NC,R=permanent,L]

port 443 config:

RewriteCond %{REQUEST_URI} ^/cps/.*.html [NC]
RewriteCond %{REQUEST_URI} !^/.*-ssl.html [NC]
RewriteRule ^/(.*)$ http://my.website.de/$1 [NE,NC,R=permanent,L]

So the opt_secure is here the -ssl.html in the file name.