By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
459,663 Members | 1,477 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 459,663 IT Pros & Developers. It's quick & easy.

http vs https

P: n/a
jdp
I've created an asp.net 2.0 site that has secure and non secure pages
so, obviously, it has a login page. The web.sitemap file has the url
set to the relative location of the page, meaning https isn't
specified. Because my machine and any other developer will have a
certificate installed, we get a Security Alert dialog box. Click Yes
and get routed to the login page in https mode. User logs in and
continues in https mode, all is fine. Here's the question. When
sitting on the login page the first time (https is the mode), and I
click any link in my menu, meaning any page exposed to the public, I
can't get out of https mode! How do you toggle the mode? What
I've tried is creating an http module that intercepts the
PreRequestHandlerExecute method (code is below). This sort of works
except that I have two other pages on the login page that, once on
them, if I click in the menu, I need to get out of https mode. I was
hoping I wouldn't have to hard code them in the second if statement.
Can anyone shed some light on this?

Here's the code for trying to switch modes:

Dim ctx As HttpContext = HttpContext.Current
If ctx.Request.IsAuthenticated = True AndAlso
ctx.Request.IsSecureConnection = False Then
ctx.Response.Redirect(ctx.Request.Url.ToString.Rep lace("http:",
"https:"))
Else
If ctx.Request.IsAuthenticated = False AndAlso _
ctx.Request.IsSecureConnection = True AndAlso _
ctx.Request.Url.ToString.ToLower.IndexOf("webresou rce.axd") = -1
AndAlso _
Not ctx.Request.CurrentExecutionFilePath.ToLower =
FormsAuthentication.LoginUrl.ToLower Then

ctx.Response.Redirect(ctx.Request.Url.ToString.Rep lace("https:",
"http:"))
End If
End If

Any feedback is greatly appreciated!

Sep 8 '06 #1
Share this Question
Share on Google+
1 Reply


P: n/a
"jdp" <ja***********@pacourts.uswrote in message
news:11**********************@e3g2000cwe.googlegro ups.com...
Can anyone shed some light on this?
This is precisely what you're looking for...
http://www.codeproject.com/aspnet/We...id=53615&exp=0
Sep 8 '06 #2

This discussion thread is closed

Replies have been disabled for this discussion.