By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
440,742 Members | 793 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 440,742 IT Pros & Developers. It's quick & easy.

requireSSL not working on web site

P: n/a
I have a web site that is configured for FORMS authentication. I have the "requireSSL" parameter set to "true" and the authorization set to "deny" any unauthenticated users. For whatever reason, though, when I go to the site using HTTP it never redirects me to HTTPS.

What should I be looking for to fix this problem? Doesn't the requireSSL automatically redirect to HTTPS on an HTTP request?

Thanks
Nov 18 '05 #1
Share this Question
Share on Google+
2 Replies


P: n/a
The requireSSL property of the Forms authentication doesn't actually
redirect you. The property tells whether or not the cookie that the Forms
authentication creates is transmitted using https and doesn't do anything
about redirection.

Hope this helps,
Mark Fitzpatrick
Microsoft MVP - FrontPage

"javatopia" <an*******@discussions.microsoft.com> wrote in message
news:51**********************************@microsof t.com...
I have a web site that is configured for FORMS authentication. I have the "requireSSL" parameter set to "true" and the authorization set to "deny" any
unauthenticated users. For whatever reason, though, when I go to the site
using HTTP it never redirects me to HTTPS.
What should I be looking for to fix this problem? Doesn't the requireSSL automatically redirect to HTTPS on an HTTP request?
Thanks

Nov 18 '05 #2

P: n/a
Here's some code that might help - put it in your page load event:

If Not Request.IsSecureConnection And Not Request.Url.IsLoopback Then
Response.Redirect(Regex.Replace(Request.Url.ToStri ng, "http",
"https")
End If

"Mark Fitzpatrick" <ma******@fitzme.com> wrote in message
news:u7*************@tk2msftngp13.phx.gbl...
The requireSSL property of the Forms authentication doesn't actually
redirect you. The property tells whether or not the cookie that the Forms
authentication creates is transmitted using https and doesn't do anything
about redirection.

Hope this helps,
Mark Fitzpatrick
Microsoft MVP - FrontPage

"javatopia" <an*******@discussions.microsoft.com> wrote in message
news:51**********************************@microsof t.com...
I have a web site that is configured for FORMS authentication. I have
the "requireSSL" parameter set to "true" and the authorization set to "deny" any unauthenticated users. For whatever reason, though, when I go to the site
using HTTP it never redirects me to HTTPS.

What should I be looking for to fix this problem? Doesn't the
requireSSL automatically redirect to HTTPS on an HTTP request?

Thanks


Nov 18 '05 #3

This discussion thread is closed

Replies have been disabled for this discussion.