Are you responsible for making OJS work -- installing, upgrading, migrating or troubleshooting? Do you think you've found a bug? Post in this forum.
Moderators: jmacgreg, btbell, michael, bdgregg, barbarah, asmecher
The Public Knowledge Project Support Forum is moving to http://forum.pkp.sfu.ca
This forum will be maintained permanently as an archived historical resource, but all new questions should be added to the new forum. Questions will no longer be monitored on this old forum after March 30, 2015.
I have finished doing the web installation of OJS 2.4.3 and am now tweaking the config.inc.php file.
I want to use SSL only for OJS login, so I need to change "force_login_ssl" to "= On" which will change the URL access for the login page to "https://www.example.com/index.php/index/login. However, I notice that the right sidebar will always show the user login panel in almost every page if the user is not log in, inviting the user to login at any time.
So my question is: if I enable "force_login_ssl", will the user login credential in the right sidebar be encrypted for transmission from pages other than the OJS login page?
- Victor -
- Posts: 9
- Joined: Sun Jan 26, 2014 8:06 am
- Location: Singapore
Yes, that setting should also change the form submit URL for the sidebar login form. You can verify this for yourself by turning on the setting and using View Source in your browser.
Public Knowledge Project Team
- Posts: 10015
- Joined: Wed Aug 10, 2005 12:56 pm
Return to OJS Technical Support
Who is online
Users browsing this forum: Bing [Bot] and 1 guest