Hi,
1) yes, you can set that up in IIS.First you need to install the SSL
certificate inside IIS, then you go to 'directory security', edit and switch
on the 'require secure channel (SSL)' checkbox.
2) If you are just talking about ASPX pages, the built-in security of
ASP.NET is just fine. So you setup your web.config file to Forms
authentication, deny access for users who are not logged in and allow access
for authenticated users.
There are two nice papers about this in case you are interested:
http://msdn.microsoft.com/library/de...cnetlpMSDN.asp http://msdn.microsoft.com/library/de...haspdotnet.asp
Best regards,
Marc Hoeppner
NeoGeo
"Jenny" <j.********@SPAMx-mail.net> wrote in message
news:09****************************@phx.gbl...
Hi all,
Two questions:
How can I force the use of an https connection for a first
password site?
What is the best way to prevent direct access to the pages
behind this password site?
Thanks in advance
Jenny