swat/scripting/preauth.esp

   1 <%
   2 include("/scripting/common.js");
   3
   4 /* this script is called on every web request. If it produces any
   5    output at all then that output is returned and the requested page
   6    is not given or processed.
   7 */
   8 if (server['SERVER_PROTOCOL'] == "http" &&
   9     server['TLS_SUPPORT'] == "True") {
  10         write("redirect to https");
  11         redirect("https://" + headers['HOST'] + request['REQUEST_URI']);
  12 } else if (always_allowed(request['REQUEST_URI']) != true &&
  13            session['AUTHENTICATED'] == undefined) {
  14         /* present the login page */
  15         include("/login.esp");
  16 }
  17 %>