I have a rails 3.1 app running on Heroku and am about to add user
authentication.
I have also attached a ssl cert and plan on using secure.mydomain.com
for registration and sign in.

I know that I can force a model to use ssl easily in 3.1.

But how to I make sure that the generated route paths for the user
default to the secure Subdomain?
Example: if a user clicks sign up or sign in he is sent to
https://secure.mydomain.com

If it matters, I'm planning on using devise, but I'm fine with rolling
my own if need be.

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.

Search Discussions

  • Robert Walker at Sep 21, 2011 at 8:42 pm

    Hesham Amiri wrote in post #1023058:
    I have a rails 3.1 app running on Heroku and am about to add user
    authentication.
    I have also attached a ssl cert and plan on using secure.mydomain.com
    for registration and sign in.

    I know that I can force a model to use ssl easily in 3.1.

    But how to I make sure that the generated route paths for the user
    default to the secure Subdomain?
    Example: if a user clicks sign up or sign in he is sent to
    https://secure.mydomain.com

    If it matters, I'm planning on using devise, but I'm fine with rolling
    my own if need be.
    What is the benefit of using a subdomain for SSL? Why not keep your life
    simple and put the SSL cert on mydomain.com or use a wildcard cert on
    *.mydomain.com? SSL run through a different port anyway so why the need
    for a separate subdomain?

    As for handling routing to subdomains, this might help:

    http://guides.rubyonrails.org/routing.html#request-based-constraints

    P.S. I'm not trying to be difficult, I really would like to know the
    benefit gained by using a subdomain.

    --
    Posted via http://www.ruby-forum.com/.

    --
    You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
    To post to this group, send email to rubyonrails-talk@googlegroups.com.
    To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com.
    For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
  • Hesham at Sep 22, 2011 at 9:36 am
    From what I understand from the docs on Heroku, I will have to specify
    a secure subdomain even though I have a wildcard certificate.

    On Sep 22, 12:42 am, Robert Walker wrote:
    Hesham Amiri wrote in post #1023058:
    I have a rails 3.1 app running on Heroku and am about to add user
    authentication.
    I have also attached a ssl cert and plan on using secure.mydomain.com
    for registration and sign in.
    I know that I can force a model to use ssl easily in 3.1.
    But how to I make sure that the generated route paths for the user
    default to the secure Subdomain?
    Example: if a user clicks sign up or sign in he is sent to
    https://secure.mydomain.com
    If it matters, I'm planning on using devise, but I'm fine with rolling
    my own if need be.
    What is the benefit of using a subdomain for SSL? Why not keep your life
    simple and put the SSL cert on mydomain.com or use a wildcard cert on
    *.mydomain.com? SSL run through a different port anyway so why the need
    for a separate subdomain?

    As for handling routing to subdomains, this might help:

    http://guides.rubyonrails.org/routing.html#request-based-constraints

    P.S. I'm not trying to be difficult, I really would like to know the
    benefit gained by using a subdomain.

    --
    Posted viahttp://www.ruby-forum.com/.
    --
    You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
    To post to this group, send email to rubyonrails-talk@googlegroups.com.
    To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com.
    For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
  • Hassan Schroeder at Sep 22, 2011 at 2:05 pm

    On Thu, Sep 22, 2011 at 2:35 AM, Hesham wrote:
    From what I understand from the docs on Heroku, I will have to specify
    a secure subdomain even though I have a wildcard certificate.
    Can you provide a pointer to that doc? I have an app on Heroku using
    SSL without any subdomain.

    --
    Hassan Schroeder ------------------------ hassan.schroeder@gmail.com
    http://about.me/hassanschroeder
    twitter: @hassan

    --
    You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
    To post to this group, send email to rubyonrails-talk@googlegroups.com.
    To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com.
    For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
grouprubyonrails-talk @
categoriesrubyonrails
postedSep 21, '11 at 7:29a
activeSep 22, '11 at 2:05p
posts4
users3
websiterubyonrails.org
irc#RubyOnRails

People

Translate

site design / logo © 2022 Grokbase