Re: SSL and Forms Authentication

From: Justin (speedracer909_at_hotmail.com)
Date: 02/24/04 

Date: Tue, 24 Feb 2004 18:52:51 +0700

I've been trying to figure this out too, without luck. I just work around it
by
redirecting to a relative aspx page from the loginurl in web.config, then
do a response.redirect(https://www.host.com/login.aspx) from that. Messy
but it works

Justin

"Scott" <no_email_at_all> wrote in message
news:uBN4Zln9DHA.2480@TK2MSFTNGP10.phx.gbl...
> Hi,
>
> I've seen this problem posted a few times around the 'net with no answer.
> Hopefully someone here can help.
>
> We have our website configured to use Forms Authentication. We want to
> secure the Login page ONLY using SSL. When a user goes to the site he is
> redirected to the Login page for authentication, but gets an error saying
> the resource is protected and they must use HTTPS:.
>
> That's ugly, since the redirect should be transparent to the user.
>
> When we setup the <forms> tag we have tried using the full path in the
> loginUrl property, including 'https://'. When we do this the user doesn't
> get the message about HTTPS, but he DOES get an NT Authentication login
> dialog instead.
>
> Thats even uglier and I'm not even sure why that happens.
>
> Documentation and books I've read allude to the abiltiy to secure a single
> folder or page using SSL and the login redirection works. Those same
> documents and books don't say HOW to make it work and we haven't been able
> to either.
>
> Is it even possible to do this? Has anyone here done it successfully?
>
> Scott L.
>
>

Relevant Pages

  • Re: Authentication login screen appears on both frames of the framset
    ... wouldn't be redirecting to the login. ... give all users permission to the page that shouldn't redirect, ... >> If you're using forms authentication when a user is not authorized to see ... >> page they are automatically redirected to the login page. ...
    (microsoft.public.dotnet.framework.aspnet)
  • RedirectFromLoginPage problem, not redirecting to members page
    ... I am having problem with redirecting the user form the login page to members ... page using RedirectFromLoginPage method. ... add new folder and name it as 'members'. ...
    (microsoft.public.dotnet.security)
  • MobileFormsAuthentication.RedirectFromLoginPage telling the user that the current page has been move
    ... everything works fine except that it tells the user that the current page, which is the login page, has been moved and ask the user whether to go to the new location. ... can i separate the authentication and redirecting? ... after the authentication i would use Server.Transferto get the user to another page. ...
    (microsoft.public.dotnet.framework.aspnet.mobile)
  • MobileFormsAuthentication.RedirectFromLoginPage
    ... everything works fine except that it tells the user that the current page, which is the login page, has been moved and ask the user whether to go to the new location. ... can i separate the authentication and redirecting? ... after the authentication i would use Server.Transferto get the user to another page. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • MobileFormsAuthentication.RedirectFromLoginPage
    ... everything works fine except that it tells the user that the current page, which is the login page, has been moved and ask the user whether to go to the new location. ... can i separate the authentication and redirecting? ... after the authentication i would use Server.Transferto get the user to another page. ...
    (microsoft.public.dotnet.framework.aspnet.mobile)