The code in your routes.cfm get’s executed only once, once the application starts up.
You basically need to check for ssl and alter the setting accordingly. The problem is that you need to alter it according to a request basis, since one person can be in ssl and another not in ssl.
I recommend you create a request context decorator and decorate the getSESBaseURL() method to include the protocol in the return.
That is an interesting issue... which I hadn't even though of... You
are correct in saying that someone could be on asite in ssl and others
not.... but in this particular application it will be available in SSL
only..
However, I will need to figure out exactly what you have pointed out
for other apps..
I am already using a custom RequestContextDecorator.
so my next steps shoul be..
1. overload the getSESBaseURL() function in my
RequestContextDecorator
2. check if HTTPS = on
3. call super.getSESBaseURL()
4. replace http with https if HTTPS = on
5. return new SESBaseURL.
If i got that correct.. this seems straight forward..
My menus are now building links properly, and stuff is begining to
work on SSL.. then I find my next problem...
my SecurityRules.xml.cfm redirects to "user/login" and that is
redirecting to "http://secure.domain.com/index.cfm/user/login" which
does not exist in this case.
I must not have everything setup to handle this.. any other ideas?
Hmm, I believe this might be an issue with the security interceptor as it does not distinguish for ssl and non-ssl calls. It just uses the setnextevent and setnextroute to redirect.
Hmm, this might need an update to the actual interceptor to deal with ssl and the like.
You will probably need to update the security interceptor to meet your needs. I would do the following. Create my own security interceptor that inherits from the coldbox core one. Then override the setNextRoute() and setNextEvent() methods to meet your needs.