I was able to generally reproduce this by going to the https login page, logging in, logging out, then going to http version. With "cache anonymous pages" turned on, it would not redirect to https.

Some test curl calls may shed some light...

When it's off, and it works:
$ curl -I http://www.example.com
HTTP/1.1 301 Moved Permanently
Date: Fri, 03 Aug 2012 15:07:09 GMT
Server: Apache/2.2.15 (Red Hat)
X-Powered-By: PHP/5.3.3
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Fri, 03 Aug 2012 15:07:09 +0000
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
ETag: "1344006429"
Content-Language: en
Location: https://www.example.com/home?destination=node/1
Connection: close
Content-Type: text/html; charset=utf-8

When it's on, and it doesn't work:
$ curl -I http://www.example.com
HTTP/1.1 403 Forbidden
Date: Fri, 03 Aug 2012 15:07:15 GMT
Server: Apache/2.2.15 (Red Hat)
X-Powered-By: PHP/5.3.3
X-Drupal-Cache: HIT
Etag: "1344006376-0"
Content-Language: en
X-Generator: Drupal 7 (http://drupal.org)
Cache-Control: public, max-age=60
Last-Modified: Fri, 03 Aug 2012 15:06:16 +0000
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Vary: Cookie,Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8

Maybe this is not necessarily a bug, but at the very least it should be an installation or documentation issue.

Thanks.

Comments

denix’s picture

I confirm having the same problem. I agree that this is not a proper bug, but it is very annoying as the anonymous cache is very helpful for high traffic servers.
A bit more documentation would be of great help.

Best regards,
Denis

mfb’s picture

Status: Active » Postponed (maintainer needs more info)

I use "cache anonymous pages" and HTTPS redirect on my sites without any trouble.

If the page has already been cached before you enable HTTPS redirect, then you would have to clear your cache to get it working. It might be a good idea to clarify this in documentation.

julianmancera’s picture

Hi,

I'm getting the redirect loop problem with the cache for anonymous user enabled. Do you have this same problem? It seems that this issue was addressed for the D6 version of the module but remains for D7

Julian Mancera

mfb’s picture

I'm still going to need more info on how to reproduce this. I use secure login module on numerous sites with cache anonymous pages enabled. "me too" doesn't actually help diagnose the problem.

mfb’s picture

Status: Postponed (maintainer needs more info) » Fixed

I added a cache_clear_all() call in the securelogin settings page so hopefully this fixes any issues people are having. If not please re-open :)

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.

denix’s picture

Status: Closed (fixed) » Active
denix’s picture

Status: Active » Closed (fixed)