I have a rails 3.1 app running on Heroku and am about to add user
authentication.
I have also attached a ssl cert and plan on using secure.mydomain.com
for registration and sign in.
I know that I can force a model to use ssl easily in 3.1.
But how to I make sure that the generated route paths for the user
default to the secure Subdomain?
Example: if a user clicks sign up or sign in he is sent to https://secure.mydomain.com
If it matters, I’m planning on using devise, but I’m fine with rolling
my own if need be.
I have a rails 3.1 app running on Heroku and am about to add user
authentication.
I have also attached a ssl cert and plan on using secure.mydomain.com
for registration and sign in.
I know that I can force a model to use ssl easily in 3.1.
But how to I make sure that the generated route paths for the user
default to the secure Subdomain?
Example: if a user clicks sign up or sign in he is sent to https://secure.mydomain.com
If it matters, I’m planning on using devise, but I’m fine with rolling
my own if need be.
What is the benefit of using a subdomain for SSL? Why not keep your life
simple and put the SSL cert on mydomain.com or use a wildcard cert on
*.mydomain.com? SSL run through a different port anyway so why the need
for a separate subdomain?
As for handling routing to subdomains, this might help: