I'm trying to use the ssl requirement plugin with the restful authentication plugin and I have a question that I'm having trouble finding the answer to.
When allowing a user to login from a non-SSL action/page, should I require SSL on the session's create action for increased security, or is that overkill?
If so, how do I get the create action to work going from non-SSL to SSL? It throws a ActionController::MethodNotAllowed exception stating "Only post and delete requests are allowed".
Thanks.