I am using services module with session id authentification since a couple of weeks. After I installed the Secure Site module lately, I can't connect to the services api anymore.

The Secure Site module has the following configuration:
- Force authentication: always
- Allowed authentication types: HTML log-in form

My client code fails when I call the system.connect service. I guess because already at this point authentification info is required.

Did anyone get a similar configuration to work?

Thanks,
Florian

Comments

marcingy’s picture

marcingy commented

Why not white the list the end points in the securesite module so as a user is not forced to log on on the services pages

fpahl’s picture

fpahl commented

Sounds like a good idea. Unfortunately there is no option to white list pages in the Secure Site module for drupal 6.
As we want to protect the whole site (even the front page) for a beta test, I have to choose the option "force authentification: always".

Any further hints from anyone?

Thanks,
Florian

marcingy’s picture

marcingy commented

Ah I haven't used the secure site module since d5. To be honest I don't have any ideas beyond creating a patch for securesite that allows for the reintroduction of white list.

marcingy’s picture

marcingy commented
Status: Active » Closed (won't fix)

Marking as won't fix as there is nothing that can be done on the services side as secure site is preventing entry. Might be worth moving it to the securesite issue queue to see if they can help you out.