Re: Redirecting from http to http pops up a login box

From: Tony Wright (tonyz.wrightz_at_consultant.com)
Date: 05/28/04

• Next message: Jeff Cochran: "Re: NEED: Network Monitor"
• Previous message: BJM: "autherntication methods IIS 6"
• In reply to: Jerry Pisk: "Re: Redirecting from http to http pops up a login box"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 27 May 2004 16:09:36 -0700

So how do all the other sites do it? Do they write code to log from
http to https or something? It seems a bit ridiculous to require
someone to log in to the same site twice...

"Jerry Pisk" <jerryiii@hotmail.com> wrote in message news:<#Ao1kV7QEHA.1396@TK2MSFTNGP12.phx.gbl>...
> It won't happen, as far as the browser cares you're accessing a different
> resource, even though it's the same server it's going over a different
> protocol so you have to login again. Once you login to the site over both
> protocols you can switch back and forth.
>
> Jerry
>
> "Tony Wright" <tonyz.wrightz@consultant.com> wrote in message
> news:f7140993.0405261915.2f2b92c1@posting.google.com...
> > Hi,
> >
> > I am trying to secure a credit card page. I redirect to the credit
> > card page from the url:
> >
> http://mipdev05/features/myshops/MsShopCheckout.aspx?ID=a4f12d4d-e2fd-4785-83ec-4ea2ed1ca48c&P=1&VT=G
> > to the url:
> >
> https://mipdev05/features/myshops/MsPaymentDetails.aspx?ID=a4f12d4d-e2fd-4785-83ec-4ea2ed1ca48c&P=1&VT=G
> >
> > It pops up a logon dialog box for the https, Site:mipdev05
> > Realm:mipdev05.
> >
> > The redirect occurs in asp.net (c#). It is simply a
> > Response.Redirect. I am already logged into the http: site and wish
> > to use the same credentials to log into the https site without it
> > popping up the login box.
> >
> > I have used Server.Transfer, but I am unconvinced that it is using
> > https.
> >
> > Any ideas?
> >
> > Thanks,
> > Tony

• Next message: Jeff Cochran: "Re: NEED: Network Monitor"
• Previous message: BJM: "autherntication methods IIS 6"
• In reply to: Jerry Pisk: "Re: Redirecting from http to http pops up a login box"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Redirecting from http to http pops up a login box ... protocol so you have to login again. ... I redirect to the credit ... > It pops up a logon dialog box for the https, ... (microsoft.public.inetserver.iis.security) Re: [PHP] Back to security ... Better off to do all of 1, 2, and 3 inside HTTPS. ... server before the rest of the request is decrypted. ... server once the login was successful. ... cannot grab the hash and use that, I have a random hash that is hashed ... (php.general) Re: Bank login not using https ... is SSL secured with verisign... ... After I signed up I immediately changed my login details/ ... that https is important. ... websites don't need to be SSL-protected. ... (comp.security.misc) Re: SSL Sicherheit nur auf die Seite https =?iso-8859-1?Q?beschr=E4nkt=3F?= ... > Wenn ich mich bei Ebay anmelde, dann beginnt die Login seite mit https. ... Wenigstens ist das Login ... Next by Date: ... (microsoft.public.de.security.netzwerk.sicherheit) Re: https-Question ... If the form is submitted to a HTTPS address then the form data will arrive securely, but there is another issue with using insecure login pages like this. ... It's good practice to have both the login page and the page you submit to fully secure ... (comp.infosystems.www.authoring.html)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint