From f93e76c96ea15d2dcc1f863262aeeeacf1ea0685 Mon Sep 17 00:00:00 2001
From: Michael Peters <mrpeters@library.in.gov>
Date: Tue, 18 Dec 2012 11:05:12 -0500
Subject: [PATCH] LP#1047485 Force HTTPS for Selfcheck

We had reports of problems using selfcheck in
the field: hostname/eg/circ/selfcheck/main

It seems the problem is that if the browser uses http, it doesn't
allow the browser to stay logged in and authenticated leading to a
continuous problem using the selfcheck each time it tried to lookup
a new user's barcode, it would ask for re-authentication.

This forces HTTPS for the selfcheck alias.

Signed-off-by: Michael Peters <mrpeters@library.in.gov>
---
 Open-ILS/examples/apache/eg_vhost.conf | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/Open-ILS/examples/apache/eg_vhost.conf b/Open-ILS/examples/apache/eg_vhost.conf
index 81903c93c1..2d135a857e 100644
--- a/Open-ILS/examples/apache/eg_vhost.conf
+++ b/Open-ILS/examples/apache/eg_vhost.conf
@@ -87,6 +87,12 @@ RewriteCond %{REQUEST_URI} ^/opac/(.*?)/
 RewriteRule . - [E=locale:%1]
 
 # ----------------------------------------------------------------------------------
+# Force HTTPS for /eg/circ/selfcheck
+# ----------------------------------------------------------------------------------
+RewriteCond %{HTTPS} !=on
+RewriteRule ^(/eg/circ/selfcheck) https://%{HTTP_HOST}%{REQUEST_URI} [NC,R=301,L]
+
+# ----------------------------------------------------------------------------------
 # For sanity reasons, default indexes to Off
 # ----------------------------------------------------------------------------------
 Options -Indexes
-- 
2.11.0