473,287 Members | 1,413 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,287 software developers and data experts.

http vs https

jdp
I've created an asp.net 2.0 site that has secure and non secure pages
so, obviously, it has a login page. The web.sitemap file has the url
set to the relative location of the page, meaning https isn't
specified. Because my machine and any other developer will have a
certificate installed, we get a Security Alert dialog box. Click Yes
and get routed to the login page in https mode. User logs in and
continues in https mode, all is fine. Here's the question. When
sitting on the login page the first time (https is the mode), and I
click any link in my menu, meaning any page exposed to the public, I
can't get out of https mode! How do you toggle the mode? What
I've tried is creating an http module that intercepts the
PreRequestHandlerExecute method (code is below). This sort of works
except that I have two other pages on the login page that, once on
them, if I click in the menu, I need to get out of https mode. I was
hoping I wouldn't have to hard code them in the second if statement.
Can anyone shed some light on this?

Here's the code for trying to switch modes:

Dim ctx As HttpContext = HttpContext.Current
If ctx.Request.IsAuthenticated = True AndAlso
ctx.Request.IsSecureConnection = False Then
ctx.Response.Redirect(ctx.Request.Url.ToString.Rep lace("http:",
"https:"))
Else
If ctx.Request.IsAuthenticated = False AndAlso _
ctx.Request.IsSecureConnection = True AndAlso _
ctx.Request.Url.ToString.ToLower.IndexOf("webresou rce.axd") = -1
AndAlso _
Not ctx.Request.CurrentExecutionFilePath.ToLower =
FormsAuthentication.LoginUrl.ToLower Then

ctx.Response.Redirect(ctx.Request.Url.ToString.Rep lace("https:",
"http:"))
End If
End If

Any feedback is greatly appreciated!

Sep 8 '06 #1
1 2420
"jdp" <ja***********@pacourts.uswrote in message
news:11**********************@e3g2000cwe.googlegro ups.com...
Can anyone shed some light on this?
This is precisely what you're looking for...
http://www.codeproject.com/aspnet/We...id=53615&exp=0
Sep 8 '06 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

8
by: NotGiven | last post by:
I need to verify if the page that led the user to this page used http or httpS. for example, if the use cam to my page from: httpS://www.dm.com/sample/foo.php I want to know as opposed to...
5
by: Bob Hansen | last post by:
I am using the following code in my default.asp page to redirect the page from HTTP to HTTPS <% if Request.ServerVariables("HTTPS") = "off" Then Response.Redirect("https://" &...
6
by: Astra | last post by:
Hi All I've noticed on quite a few ASP sites that when they have a 'MyAccount' section they transfer the site to https and then when you have logged into your account successfully and gone back...
2
by: McKirahan | last post by:
I have an ASP site, an SSL certificate, and an {Order page}. I want to use "https" for the {Order page} and "http" for all others. Each page "includes" a common ".asp" file which detects the...
12
by: Grunff | last post by:
I'm experiencing an interesting problem with carrying a php session over from http to https. Much googling later, I'm still stuck. The application is an online shop, where some user data is...
3
by: E | last post by:
I have a https login page with C# code FormsAuthentication. After logging in, my https pages recognize that I'm logged in. My http pages do not. It's as if it's considering these pages under a...
14
by: david | last post by:
I have developed web forms including login by using ASP.NET via HTTP. Now I want to secure the connection from client to the server via HTTPS. How can I configure the server or something else to...
4
by: bkasmai | last post by:
My asp.net application (developed using vs2003) runs fine on a windows 2000 server using iis 5.0. Our network manager wants to do away with any http connections and only use https for services that...
8
by: howa | last post by:
a page currently in HTTPS, I force the client to redirect to another page using HTTP under the same domain (e.g. abc.com), i.e. header("Location: http://www.abc.com/index.php"); IE...
2
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 7 Feb 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:30 (7.30PM). In this month's session, the creator of the excellent VBE...
0
by: MeoLessi9 | last post by:
I have VirtualBox installed on Windows 11 and now I would like to install Kali on a virtual machine. However, on the official website, I see two options: "Installer images" and "Virtual machines"....
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: Aftab Ahmad | last post by:
Hello Experts! I have written a code in MS Access for a cmd called "WhatsApp Message" to open WhatsApp using that very code but the problem is that it gives a popup message everytime I clicked on...
0
by: Aftab Ahmad | last post by:
So, I have written a code for a cmd called "Send WhatsApp Message" to open and send WhatsApp messaage. The code is given below. Dim IE As Object Set IE =...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.