I have a rails 3.1 app running on Heroku and am about to add user authentication. I have also attached a ssl cert and plan on using secure.mydomain.com for registration and sign in. I know that I can force a model to use ssl easily in 3.1. But how to I make sure that the generated route paths for the user default to the secure Subdomain? Example: if a user clicks sign up or sign in he is sent to https://secure.mydomain.com If it matters, I''m planning on using devise, but I''m fine with rolling my own if need be. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
Hesham Amiri wrote in post #1023058:> I have a rails 3.1 app running on Heroku and am about to add user > authentication. > I have also attached a ssl cert and plan on using secure.mydomain.com > for registration and sign in. > > I know that I can force a model to use ssl easily in 3.1. > > But how to I make sure that the generated route paths for the user > default to the secure Subdomain? > Example: if a user clicks sign up or sign in he is sent to > https://secure.mydomain.com > > If it matters, I''m planning on using devise, but I''m fine with rolling > my own if need be.What is the benefit of using a subdomain for SSL? Why not keep your life simple and put the SSL cert on mydomain.com or use a wildcard cert on *.mydomain.com? SSL run through a different port anyway so why the need for a separate subdomain? As for handling routing to subdomains, this might help: http://guides.rubyonrails.org/routing.html#request-based-constraints P.S. I''m not trying to be difficult, I really would like to know the benefit gained by using a subdomain. -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
From what I understand from the docs on Heroku, I will have to specify a secure subdomain even though I have a wildcard certificate. On Sep 22, 12:42 am, Robert Walker <li...-fsXkhYbjdPsEEoCn2XhGlw@public.gmane.org> wrote:> Hesham Amiri wrote in post #1023058: > > > I have a rails 3.1 app running on Heroku and am about to add user > > authentication. > > I have also attached a ssl cert and plan on using secure.mydomain.com > > for registration and sign in. > > > I know that I can force a model to use ssl easily in 3.1. > > > But how to I make sure that the generated route paths for the user > > default to the secure Subdomain? > > Example: if a user clicks sign up or sign in he is sent to > >https://secure.mydomain.com > > > If it matters, I''m planning on using devise, but I''m fine with rolling > > my own if need be. > > What is the benefit of using a subdomain for SSL? Why not keep your life > simple and put the SSL cert on mydomain.com or use a wildcard cert on > *.mydomain.com? SSL run through a different port anyway so why the need > for a separate subdomain? > > As for handling routing to subdomains, this might help: > > http://guides.rubyonrails.org/routing.html#request-based-constraints > > P.S. I''m not trying to be difficult, I really would like to know the > benefit gained by using a subdomain. > > -- > Posted viahttp://www.ruby-forum.com/.-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
On Thu, Sep 22, 2011 at 2:35 AM, Hesham <hesham.amiri-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> From what I understand from the docs on Heroku, I will have to specify > a secure subdomain even though I have a wildcard certificate.Can you provide a pointer to that doc? I have an app on Heroku using SSL without any subdomain. -- Hassan Schroeder ------------------------ hassan.schroeder-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org http://about.me/hassanschroeder twitter: @hassan -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.