Re: Forms Authentication with http/https

From: Paul Clement (UseAdddressAtEndofMessage_at_swspectrum.com)
Date: 10/01/04

• Next message: Joe Kaplan \(MVP - ADSI\): "Re: Why is "oN%3d" so dangerous?"
• Previous message: Hernan de Lahitte: "Re: Forms Authentication with http/https"
• Maybe in reply to: Hernan de Lahitte: "Re: Forms Authentication with http/https"
• Next in thread: Holysmoke: "Re: Forms Authentication with http/https"
• Reply: Holysmoke: "Re: Forms Authentication with http/https"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Fri, 01 Oct 2004 09:03:31 -0500

On Thu, 30 Sep 2004 01:43:01 -0700, Holysmoke <Holysmoke@discussions.microsoft.com> wrote:

¤ Sorry . I don't understand. May be I have not clearly explained the problem
¤
¤ FormsAuthentication.RedirectFromLoginPage methods redirects to original
¤ requested web site / application but it does not care about the http/https
¤
¤ For eg.
¤
¤ The orginal requested is not http based
¤ and the application that issues FormsAuthentcation.RedirectFromLoginPage is
¤ SSL based, it redirects to the correct original requested page but the
¤ protocol is still SSL and not just http as expected. Hope I have explained
¤ correctly.
¤
¤ What is the work around for this?
¤

If I understand what you are saying, the protocol is not changing from https to http after
performing the redirect. This behavior is correct in that RedirectFromLoginPage uses the current
protocol. If the current protocol is https the page being redirected to will be https, not http.

If you want to change the protocol from https to http, or vice versa, then you would have to use
Response.Redirect instead.

Paul ~~~ pclement@ameritech.net
Microsoft MVP (Visual Basic)

---

• Next message: Joe Kaplan \(MVP - ADSI\): "Re: Why is "oN%3d" so dangerous?"
• Previous message: Hernan de Lahitte: "Re: Forms Authentication with http/https"
• Maybe in reply to: Hernan de Lahitte: "Re: Forms Authentication with http/https"
• Next in thread: Holysmoke: "Re: Forms Authentication with http/https"
• Reply: Holysmoke: "Re: Forms Authentication with http/https"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: How can I follow a trail of 302 redirects with MSXML2.XMLHTTP? ... Dim sNextLocation, sMsg, iCount ... You won't get any content back as a part of the response, and the HTTP ... I shouldn't have to change settings in IE to control ... Redirects: 10 ... (microsoft.public.scripting.vbscript) Re: Multiple domains on https (apache) ... This is a technical limitation of SSL - each domain ... Named virtual hosts will not work with SSL. ... with https, the SSL/TLS tunnel is set up first and afterwards the HTTP ... protocol happens within it. ... (Fedora) Re: Forms Authentication with http/https ... If you still want to switch to http (althought I would not recomend you ... > FormsAuthentication.RedirectFromLoginPage methods redirects to original ... > protocol is still SSL and not just http as expected. ... Site B - An application which does authentication which is https based ... (microsoft.public.dotnet.framework.aspnet.security) Re: Forms Authentication with http/https ... to my http location instead it redirects to the https location. ... > ¤ protocol is still SSL and not just http as expected. ... (microsoft.public.dotnet.framework.aspnet.security) Re: Forms Authentication with http/https ... passports. ... > to my http location instead it redirects to the https location. ... FormsAuthentication.RedirectFromLoginPage methods redirects to original ... protocol is still SSL and not just http as expected. ... (microsoft.public.dotnet.framework.aspnet.security)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.dotnet.framework.aspnet.security  > 2004-10