= Secure Session Plugin =

== Description ==

Trac plugin to lock an authenticated user into using `https://`.

== Bugs/Feature Requests == 

Existing bugs and feature requests for SecSessionPlugin are 
[report:9?COMPONENT=SecSessionPlugin here].

If you have any issues, create a 
[http://trac-hacks.org/newticket?component=SecSessionPlugin&owner=pacopablo new ticket].

== Download ==

Download the zipped source from [download:secsessionplugin here].

== Source ==

You can check out SecSessionPlugin from [http://trac-hacks.org/svn/secsessionplugin here] using Subversion, or [source:secsessionplugin browse the source] with Trac.

== Example ==
Requires setup in trac.ini
{{{
#!ini
[components]
secsession.* = enabled
}}}

The web server must also be configured to only allow access to the login url via https.  An example rewrite rule for apache might look like the following:
{{{
RewriteEngine On
RewriteRule ^/login https://%{SERVER_NAME}/login [L]
}}}

== Author/Contributors ==

'''Author:''' [wiki:pacopablo] [[BR]]
'''Contributors: [wiki:csabahenk]'''

== Comments/Discussion ==

This works great and is very useful (I'm using it with trac 0.9.5), just one issue I'd like to know if anyone has found a workaround for: normally in trac when you click on "login", after the login you stay on the page you were on. With the suggested setup here people always get moved to the base of the wiki. Anyone found a way to get back to the original trac behavior?

I'd like to know if it works with tracd, too.