How to automatically change from httpS to http for a specific folder??

[Po-Shan Chang]

There are great instructions on the web for force HTTPS for specific folder

How to automatically change from http to https for a specific folde
http://www.iisfaq.com/default.aspx?View=A407&P=2

But, my question would be ...

Question
========
I am trying to set up a website with the following requirements

1. User can browse through the non-secure pages of the website usin
ordinary HTTP
2. User can access the secure pages by first supplying a username an
password through a web form via SSL. This web-form goes throug
HTTPS. The idea is to encrypt the password as it's sent across th
net
3. Once the user has logged in, he can browse through the rest of th
site using ordinary HTTP

I have been able to achieve #1 and #2, but as soon as the user log
in, he can only browse through the site using HTTPS. Is there a wa
to configure IIS so that once the user has logged in via SSL, he ca
browse through the rest of the site using HTTP

Note: all of the links in my HTML are "relative" links, except for th
link to my login page, which is an "absolute" link that explicitl
uses "https"

Answer from other threads (Can't there be better solution?
======================================
This is an application issue, not an IIS issue. The page that processe
your web form should be written such that the user is redirected to HTT
once the authentication process is complete. In most cases, th
authentication function would store the original request and send the use
to http://site.com/orig_request once the login has been verified

======================================
If this is the only solution, all of the pages in the website would have to have the exact link (HTTP or HTTPS) specified and I
do not think this is a good approach

Thanks a lot.

 

[Bernard]

The response from other thread is the way to do it.
but only on the page redirecting user from https to http

just like how you redirect the one page from http to https,
same way, but the other direction.

--
Regards,
Bernard Cheah
http://support.microsoft.com/
Please respond to newsgroups only ...

There are great instructions on the web for force HTTPS for specific folder.

How to automatically change from http to https for a specific folder
http://www.iisfaq.com/default.aspx?View=A407&P=20

But, my question would be ....

Question:
=========
I am trying to set up a website with the following requirements:

1. User can browse through the non-secure pages of the website using
ordinary HTTP.
2. User can access the secure pages by first supplying a username and
password through a web form via SSL. This web-form goes through
HTTPS. The idea is to encrypt the password as it's sent across the
net.
3. Once the user has logged in, he can browse through the rest of the
site using ordinary HTTP.

I have been able to achieve #1 and #2, but as soon as the user logs
in, he can only browse through the site using HTTPS. Is there a way
to configure IIS so that once the user has logged in via SSL, he can
browse through the rest of the site using HTTP?

Note: all of the links in my HTML are "relative" links, except for the
link to my login page, which is an "absolute" link that explicitly
uses "https".

Answer from other threads (Can't there be better solution?)
=======================================
This is an application issue, not an IIS issue. The page that processes
your web form should be written such that the user is redirected to HTTP
once the authentication process is complete. In most cases, the
authentication function would store the original request and send the user
to http://site.com/orig_request once the login has been verified.

=======================================
If this is the only solution, all of the pages in the website would have

to have the exact link (HTTP or HTTPS) specified and I