G
Guest
Hi.
We have an ASP.net Web application in which some of the pages are to be
served over secure channel using HTTPS.
We have built a framework that allows pages to be served over secure channel
specified in a configuration file. When a request for specified pages comes
over HTTP, framework detects and redirects the browser over HTTPS.
Similarly for non secure pages if the request comes over HTTPS the
framework redirects the browser onto HTTP.
We use HttpRequest.IsSecureConnection property to determine HTTP/HTTPS was
used to make the request. This all used to work fine until now.
Now the infrastructure group has taken out SSL responsibilities from the Web
Server and given it to an Hardware SSL offloader. What SSL offloader is doing
is it decrypts the request from client and sends an un encrypted request to
Web Server.
As a consequence HttpRequest.IsSecureConnection is always returning false
to the application?
Is anyone aware of a solution to the above problem i.e. for us to detect SSL
request in SSL Offloading scenario by other means than using
HttpRequest.IsSecureConnection (for e.g. checking headers??)
Thanks
We have an ASP.net Web application in which some of the pages are to be
served over secure channel using HTTPS.
We have built a framework that allows pages to be served over secure channel
specified in a configuration file. When a request for specified pages comes
over HTTP, framework detects and redirects the browser over HTTPS.
Similarly for non secure pages if the request comes over HTTPS the
framework redirects the browser onto HTTP.
We use HttpRequest.IsSecureConnection property to determine HTTP/HTTPS was
used to make the request. This all used to work fine until now.
Now the infrastructure group has taken out SSL responsibilities from the Web
Server and given it to an Hardware SSL offloader. What SSL offloader is doing
is it decrypts the request from client and sends an un encrypted request to
Web Server.
As a consequence HttpRequest.IsSecureConnection is always returning false
to the application?
Is anyone aware of a solution to the above problem i.e. for us to detect SSL
request in SSL Offloading scenario by other means than using
HttpRequest.IsSecureConnection (for e.g. checking headers??)
Thanks