Forms Authentication and SSL

M

Marco Roello

Hi, I read some posts here, but I haven't found the full solution of my
problem.

I,ve configured my web application to use SSL with Server Certificates
(Tested and works).

Only one subfolder (/secure) of my webapp works with SSL. (Tested and works)

Web.Config
authentication mode="Forms">
<forms loginUrl="/secure/login.aspx" protection="All" timeout="30"
requireSSL="true">
......

The users search a page of my webapp (example:
"http://myserver/mywebapp/webform1.aspx") on a non secure SSL channel.
If the user isn't authenticated, he will be redirected to the loginUrl. The
problem is that he will not be redirected with the https:// prefix, so he
has to manually change the address in from http:// to https://.

I've tried putting the full address in the loginUrl, like
loginUrl="https://myserver/mywebapp/secure/login.aspx", but in this case,
when redirecting on the login.aspx, I receive an Access denied Error
(401.2).

I've tried to configure IIS security, with anonimous access only, windows
authentication, both, but nothing changes.

So, the question is simple: how can I redirect a user to a SSL login page
when he isn't authenticated, don't matter if he comes from an http:// or
https:// address
Thank you in advance

Marco Roello
(e-mail address removed)



How can I configure my app
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top