Want mission portal on https all the time? Try this policy

 In 3.6.x Mission Portal is configured by default to listen on both secure and unsecure ports. When this policy is activated on the hub all nonsecure traffic will be redirected to https.

 

     bundle agent cfe_internal_mission_portal_ensure_https
     {
       meta:
         "description"
           string => "Ensure that mission portal is only accessed via a secure
                      connection by redirecting non https traffic to https.";

       vars:
           "http_redirect"
             string => "RewriteCond %{HTTPS} off
     RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]",
             comment => "To prevent accidental login over http this automatically
             redirects all http requests to https";

       files:
         "$(sys.workdir)/share/GUI/Apache-htaccess"
           edit_line => append_if_no_line($(http_redirect)),
           comment => "We edit the file in share because
                       cfe_internal_setup_knowledge_files_doc_root_htaccess ensures
                       that the deployed htaccess file is copied from share so if we
                       dont promise the source then we will have continual repairs.";
     }



Activate the policy using a methods type promise:

  bundle agent example
  {
    methods:
      enterprise_edition.policy_server::
        "Redirect_Http"
          usebundle => cfe_internal_mission_portal_ensure_https,
          comment   => "Redirect all http traffic to https for improved
                        security";
  }

Comments

Powered by Zendesk