M
Marco Roello
Hi, I read some posts here, but I haven't found the full solution of my
problem.
I,ve configured my web application to use SSL with Server Certificates
(Tested and works).
Only one subfolder (/secure) of my webapp works with SSL. (Tested and works)
Web.Config
authentication mode="Forms">
<forms loginUrl="/secure/login.aspx" protection="All" timeout="30"
requireSSL="true">
......
The users search a page of my webapp (example:
"http://myserver/mywebapp/webform1.aspx") on a non secure SSL channel.
If the user isn't authenticated, he will be redirected to the loginUrl. The
problem is that he will not be redirected with the https:// prefix, so he
has to manually change the address in from http:// to https://.
I've tried putting the full address in the loginUrl, like
loginUrl="https://myserver/mywebapp/secure/login.aspx", but in this case,
when redirecting on the login.aspx, I receive an Access denied Error
(401.2).
I've tried to configure IIS security, with anonimous access only, windows
authentication, both, but nothing changes.
So, the question is simple: how can I redirect a user to a SSL login page
when he isn't authenticated, don't matter if he comes from an http:// or
https:// address
Thank you in advance
Marco Roello
(e-mail address removed)
How can I configure my app
problem.
I,ve configured my web application to use SSL with Server Certificates
(Tested and works).
Only one subfolder (/secure) of my webapp works with SSL. (Tested and works)
Web.Config
authentication mode="Forms">
<forms loginUrl="/secure/login.aspx" protection="All" timeout="30"
requireSSL="true">
......
The users search a page of my webapp (example:
"http://myserver/mywebapp/webform1.aspx") on a non secure SSL channel.
If the user isn't authenticated, he will be redirected to the loginUrl. The
problem is that he will not be redirected with the https:// prefix, so he
has to manually change the address in from http:// to https://.
I've tried putting the full address in the loginUrl, like
loginUrl="https://myserver/mywebapp/secure/login.aspx", but in this case,
when redirecting on the login.aspx, I receive an Access denied Error
(401.2).
I've tried to configure IIS security, with anonimous access only, windows
authentication, both, but nothing changes.
So, the question is simple: how can I redirect a user to a SSL login page
when he isn't authenticated, don't matter if he comes from an http:// or
https:// address
Thank you in advance
Marco Roello
(e-mail address removed)
How can I configure my app