Re: Forms Authentication with http/https

From: Holysmoke (Holysmoke_at_discussions.microsoft.com)
Date: 09/30/04 

Date: Thu, 30 Sep 2004 01:43:01 -0700

Sorry . I don't understand. May be I have not clearly explained the problem

FormsAuthentication.RedirectFromLoginPage methods redirects to original
requested web site / application but it does not care about the http/https

For eg.

The orginal requested is not http based
and the application that issues FormsAuthentcation.RedirectFromLoginPage is
SSL based, it redirects to the correct original requested page but the
protocol is still SSL and not just http as expected. Hope I have explained
correctly.

What is the work around for this?

TIA,
Holy

"Paul Clement" wrote:

> On Wed, 29 Sep 2004 07:27:03 -0700, Holysmoke <Holysmoke@discussions.microsoft.com> wrote:
>
> ¤ Hi,
> ¤
> ¤ I am trying to implement Single Sign On solution to my web applications.
> ¤
> ¤ I have developed a web application which does authenticaion and it is SSL
> ¤ based.
> ¤ I am having a problem when redirecting to the requested web site(http based)
> ¤ after authentication (https based)
> ¤
> ¤ Let us say I have
> ¤
> ¤ Site A - An application (configured to do forms authentication on Site B)
> ¤ Site B - An application which does authentication which is https based
> ¤
> ¤ I try to redirect in site B using,
> ¤
> ¤ System.Web.Security.FormsAuthentication.RedirectFromLoginPage("test", False)
> ¤
> ¤ It works but one problem.
> ¤
> ¤ After Authentication the Site B tries to redirect to the application A but
> ¤ still uses https and not http as expected.
> ¤
>
> RedirectFromLoginPage uses the protocol of the login page application. You may want to consider
> using SSL on your login page if you're implementing Forms based authentication with SSL
> applications.
>
>
> Paul ~~~ pclement@ameritech.net
> Microsoft MVP (Visual Basic)
>

Relevant Pages

  • Re: Forms Authentication with http/https
    ... If you still want to switch to http (althought I would not recomend you ... > FormsAuthentication.RedirectFromLoginPage methods redirects to original ... > protocol is still SSL and not just http as expected. ... Site B - An application which does authentication which is https based ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • help !! IIS promting twice for authentication
    ... On my local intranet I have anonymous access at index.asp file which is ... redirection from http to https:// ... I am still getting prompted for authentication. ... when I click http://*.com/index.asp it redirects succesfully and just ...
    (microsoft.public.inetserver.iis.security)
  • Re: How can I follow a trail of 302 redirects with MSXML2.XMLHTTP?
    ... Dim sNextLocation, sMsg, iCount ... You won't get any content back as a part of the response, and the HTTP ... I shouldn't have to change settings in IE to control ... Redirects: 10 ...
    (microsoft.public.scripting.vbscript)
  • Re: Bypass forms authentication
    ... I tried using the location element and it still loops between pages. ... If the database connection fails I want the ... which in turn fails to connect to the db and redirects them to the ... >> authentication by using the authentication and authorization settings in ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • SSO with FormsAuthntication authenticating in a single site
    ... a single site because we only want to purchase one ssl certificate for the ... The whole authentication works just fine between all the sites. ... http://site1.domain.com/protectedpage.aspx --> redirects to ... If I try to redirect to the login page on Application_AuthenticateRequest ...
    (microsoft.public.dotnet.framework.aspnet.security)