Re: redirect http to https for virtual directories

From: Ken Schaefer (kenREMOVE_at_THISadOpenStatic.com)
Date: 04/12/04 

Date: Mon, 12 Apr 2004 16:32:56 +1000

Hi,

a) create a custom error page to do the http -> https redirect (e.g. similar
to your existing default.asp). Make sure that this page does *nothing* else
important

b) setup the virtual directory so that:
    - it requires SSL
    - it requires authentication

c) setup the custom error page so that it *does not* require authentication.

Then, when a user comes to the site using http:// the custom error page will
be invoked, but the user will not be required to authenticate. The error
page will redirect to https://, and then the user will be required to
authenticate when they access any of the other documents in the secured
directory.

Cheers
Ken

"Arif" <anonymous@discussions.microsoft.com> wrote in message
news:1821b01c41f58$a30edd60$a601280a@phx.gbl...
: Hi,
: I have a web server with the following configuration;
: 1. Anonymous Access is turned on
: 2. SSL certificate is installed and required
: 3. Custom Error 403.4 page is edited to redirect
: http://servername to https:///servername
: 4. Couple of Virtual Directories (one with classic ASP
: and the other one with ASP.Net applications)
: 5. Anonymous Access is TURNED OFF at the virtual
: directories level because of the application requirements
:
: The http to https redirect at the root level
: (http://servername) is working fine. But I need to have
: http to https redirect at the virtual directory level. I
: have the same code that I am using in the custom error
: page in defaul.asp page in my virtual directory. Since
: the anonymous access is turned off, it asks for the
: authentication and once authenticated it processes the
: http to https redirect. So the redirect is working but
: for obvious reason, I cannot have this in production
: becuase the initial authentication is done over simple
: text.
:
: If I do not have the code in "default.asp" page to
: redirect to https, then I get JUST "HTTP Error 403 -
: Forbidden".
:
: Can anyone please help me how to configure the http to
: https for a URL like http://servername/aspapp/, the
: default page is "default.asp"??? Keep in mind, I have to
: have ONLY Basic Authentication. (I can live with
: unchecking the Require SSL at the virtual directory level
: if it is assured that all the contents are being
: redirected to HTTPS).
:
: Thanks in advance for your help.
: Arif
:

Relevant Pages

  • Re: redirect http to https for virtual directories
    ... Did you setup httpredirect.asp as the 403.4 custom error for the virtual ... at the URL and if it comes over "80" redirect to ... httpredirect.asp BUT ASKS FOR THE AUTHENTICATION even ... 403.4 custom error not handling http to https redirects ...
    (microsoft.public.inetserver.iis)
  • Re: Ports to be opened for OWA
    ... Most Admins place an HTTP to HTTPS redirect, thus they have Port 80 open as ... but you will have to instruct your users that HTTPS ...
    (microsoft.public.exchange.admin)
  • Re: SSL security authorization?
    ... > I see that we are talking about a kind of interactive authentication ... > (Most of the time the actual HTTPS url is masked ... > the secure server.) ... either urllib or urllib2. ...
    (comp.lang.python)
  • Re: A single page from an existing application under SSL?
    ... If you're using forms authentication over HTTP, ... cookie over HTTPS). ... Since credit card submission would take place after ... a certificate for the "secure" version of the site address, ...
    (microsoft.public.dotnet.security)
  • Repeated Failure Audits - related to RPC over HTTPS
    ... for OWA and one is dedicated for RPC over HTTPS. ... select the check box next to Basic authentication (password is sent in clear ... front-end server, but they persist on the back-end server. ...
    (microsoft.public.exchange.admin)