Configuration :: Switch Https: For My Existing Website?
May 31, 2010I have one asp.net application i need to make my website secure..
View 2 RepliesI have one asp.net application i need to make my website secure..
View 2 Repliesproject is built using ASP.NET MVC 2.0. There're some pages is run under https and the rest run under http. Follow the artical I found on StackOverflow (http://stackoverflow.com/questions/2414327/switching-between-http-and-https-in-asp-net-mvc-1-0 ) :1.For pages that need to run under https I just add the attribute [RequireSSL] for the corresspond action method.2.To force all the rest pages run under http I have overriden OnAuthorization in the base controller:
protected override void OnAuthorization(AuthorizationContext filterContext)
{
if (!Request.IsAjaxRequest())
[code]...
after installing ssl for a website (by host admin)
all of pages are https now,
I need one http page? it is related to programming or iis?
i have registered a domain and in IIS 7.5 created a new Website for this domain. It works great the ASP.NET website (BlogEngine), now i wanted to add another ASP.NET webapplication to call it something like this:[URL]I tried to add to my existing website, a virtaul path to the ASP.NET webapplication und converted to an application. after calling the URL i get an exception, that i could not load an assembly of the website (mydomain) : Could not load file or assembly 'BlogEngine.Core' or one of its dependencies. The system cannot find the file specified.
View 1 Replies1 new website attach with existing website..where attached website is behave as pluggable. and used anywhere in any website?
View 7 Repliesi built web site in asp4/.net 4 using vs2010
only to find out that the hoster that i need to use (rackspace) doesn't support .net 4 except in beta
of course i can't precompile in 3.5 because of some of the assemblies
any quick way to rebuild in 3.5 without totally rebuilding the whole site in 3.5?
My company has a MOSS 2007 Enterprise (SharePoint 2007) website with users already setup. Everything is working fine. The users are setup in Active Directory. Now they want something really complex. I know how to do it in a few weeks in an ASP.NET website. That is my bread and butter. Here is what I would like to do.
I would like to write a new ASP.NET website using Window Authentication, and just have the users jump into the new application when they new this new ability. All of this has to be accessible from the internet. It is an External application. The external user accounts are in Active Directory already.
Will the identity still be the logged in user then they arrive at my new website?
NOTE: I do NOT what them to have to login again.
How can I do this?
NOTE: I am learning SharePoint Development. We have it. It is important to me to learn it. However, I am a little overwhelmed by it at the moment. We have 20+ developers, and NONE of us know anything about SharePoint. A consultant set it up, and a non developer is administrating it. In the future I will probably be the "man" in the future. That is a scary thought. SharePoint is something I want to know, however I have too much on my plate the next 2 months and NO help. I would like to get the application completed, and then move the code into SharePoint later if there is a need and a reason to do so. If there is no need, then we will keep it seperate.
How to achieve this security feature which is shown in url bar (https) ?
View 1 RepliesI am creating a website in Visual Studio 2010 for ASP.NET 4.0 written in C#.
I have a Global.asax file with a method to force specific pages or directories to use https. Then in the web.config file, I define which pages and directories should use https.
The problem I am running into is content not coming over as https even though the URL is https, so IE gives a security warning. We do have a valid cert on the domain. The security warning pop up says, "Do you want to view only the webpage content that was delivered securely? This webpage contains content that will not be delivered using a secure HTTPS connection, which could compromise the security of the entire webpage." If users choose Yes, then parts of the applications do not work.
Is there a way that I can force the content (images, JavaScript files included in the page, etc) to come over as https? All the files are on the web server, so I am not trying to include outside resources (like not displaying a video or image from another site, it is all on my site's web server). I want to avoid absolute URLs in my code because some of the applications are complex and I cannot find all the places where resources are being called.
I just moved our website to a new server(windows 2008, IIS7.5). this website needs to do post to an outside https website to get the data back, but
it deesn't work. when i put the https: website on the IE address bar, it failed. I am wondering what setting i need to change to enable https: website to go through on the server?
There are 2 web-servers involved:
Webserver1 has been in the organization a few years and is hosting/running multiple websites with https encryption (app1.ourcompany.com, app2.ourcompany.com, etc). It has a valid, signed certificate.
Webserver2 is a new server, for which I am responsible. I am tasked with setting up https and getting the certificate, etc. It has a web app running on it, but it does not have a domain name (only has an IP address)...which as I recently learned, is a requirement for a signed certificate.
What I'd like to know is this -- is it possible to set up a site on Webserver1 that points to the site I'm hosting on Webserver2 (ie SiteOnWebserver2.ourcompany.com) which also utilizes the Webserver1's signed/verified certificate?
What I want to do is like the web browser. When you visit a https web site, the browser will download and install the X.509 Certification automatically.
I have a application which will be installed in PC, and the application will post to a https website. So if the certification is expired, the App should download a new one.
So, how can I get the certification? A stream is always good, I can make it to certification.
i have to build a small webapp for a company to maintain their business data... Only those within the company will be using it, but we are planning to host it in public domain, so that the employees can connect to app from various locations. (Till now I have built web apps that are hosted internally only)
I'm wondering whether I need to use a secured connection (https) or just the forms authentication is enough.
What should I do to prepare my website for https. (Do I need to alter the code / Config) Is SSL and https one and the same... Do I need to apply with someone to get some license or something. Do I need to make all my pages secured or only the login page...
I purchased a certificate from my hosting provider from my web site. There was some confusion as to whether I needed to use IIS to install it or if they would. After a few days and several phone calls they said they had it installed and configured, but when I tried to set up rewrite rules in web.config the site would not load. When I point my browser to https:mydomain it would load, but there was not green lock in the address bar and 'HTTPS' was not green. I contacted them again and after explaining the situation and being put on hold for 45 minutes I hung up. This morning the the site is working and HTTPS appears to be configured correctly.
I could find no changes to web.config on redirection, so how is it being redirected to HTTPS? I'm concerned that when I post changes to the site I could wipe out what ever they did to get it to work with HTTPS. Could changes been made 'above' my site on the server that I can't affect? Should I be concerned?
I have hosted asp.net web service on IIS 6.
Client of the service is using the service successfully by HTTP://<hostname>/service.asmx.
I want to allow only HTTPS://<hostname>/service.asmx, i.e. No one can access web service using HTTP://
We are planning to move our website to https, which currently running on only http only. Web site is running on IIS7 in Windows 2008 server. Do I need to update/modify any configuration settings in the website to make it work on HTTPS? Is it fine just installing certifictes?
View 3 RepliesI'm working on a CMS that can run either with or without https enabled on the webserver. I'd like to be able to detect whether https is enabled or not, so that I can act accordingly (for example, display some https-related options to the administrator, and redirect to https for administrator logins).
I'm not looking for Request.IsSecureConnection because that only tells me if the current request is via https. I want something that will tell me whether the current bindings for the site in IIS include a binding for https at the same domain as the current request is on. So, for example, even if the current request is for [URL] and thus not secure, I want to know whether [URL] would work so I can (for example) redirect the user to it if they log in as administrator.
I've had no luck looking for anything in System.Web.Configuration that will tell me about the bindings of the current site, though.
I'd like my application to query a csv file from a secure website. Currently I have the user login to the site, manually query the csv, and have my application load the file locally. I'd like to automate this by having the user enter his login information, authenticating him on the website, and querying the data. The application is written in C# .NET. The url of the site is: https://www2.emidas.com/default.asp.
I've tested the following code already and am able to access the file once the user has already authenticated himself and created a manual query.
System.Net.WebClient Client = new WebClient();
Stream strm = Client.OpenRead("https://www3.emidas.com/users/<username>/file.csv");
Here is the request sent to the site for authentication. I've angle bracketed the real userid and password.
POST /pwdVal.asp HTTP/1.1
Accept: image/jpeg, application/x-ms-application, image/gif, application/xaml+xml, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-shockwave-flash, */*
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.2; Tablet PC 2.0; OfficeLiveConnector.1.4; OfficeLivePatch.1.3; .NET4.0C; .NET4.0E)
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
Cookie: ASPSESSIONID<unsure if this data contained password info so removed>; ClientId=<username>
Host: www3.emidas.com
Content-Length: 36
Connection: Keep-Alive
Cache-Control: no-cache
Accept-Language: en-US
client_id=<username>&password=<password>
I am creating a website with password-protected pages in it.
I have two type of customer: 1. Free 2. Paid
For paid customers, pages would be rendered over HTTPS whereas for free customer, pages will be rendered over HTTP. However, pages for both types of users would be same (while populating specific information for each user.)
note, the URL for the two users should be same except HTTP/HTTPS part.
I am new to HTTPS and want to know how to achieve this.
I am wondering how to implement it?
How can I Ensure That Secure Content Is Served Over HTTPS Only (IIS 6.0)? when the certificate is installed. In other words how can I direct all the http request to https. For example when some type http://localhost it redirects to https://localhost.
View 2 RepliesProgramatically is it possible using C# or script 1. To attach certificate to the https binding of website in IIS 7.5(from a drop down).
View 1 RepliesI'm trying to integrate mapping into an existing website, and I was trying to figure out which flavor to use; Ajax, Silverlight or Web Services.
View 5 RepliesI have an existing ASP.NET web application that is for public use and any anonymous user can access it. I would like to implement mechanism for users to sign up. The first thought that crossed my mind is to use the ASP.NET membership API.
So, If I use the Membership API:
[code]...
I have a (internet) web site with the below web.config (everything works fine). How would I alter this to include an applicationName attribute. I wish to eventually have multiple web sites using the same ASPNETDB database.
<?xml version="1.0"?>
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
<connectionStrings>
<clear/>
<add name="LocalSQLServer" connectionString="Server=myserver.com; Database=MyDB; Uid=MyUser; Pwd=MyPassword; Trusted_Connection=False;" providerName="System.Data.SqlClient"/>
</connectionStrings>
<system.web>
<customErrors mode="Off" defaultRedirect="~/Error.aspx"/>
<roleManager enabled="true"/>
<authentication mode="Forms"/>
<compilation debug="false"/>
<pages theme="Standard"/>
</system.web>
</configuration>
I have an exiting ASP.NET website that already has user accounts in it. I would now like to simplify logon and considering the use of Janrain. Is this a recommended product? Any alternatives you have used? What do I do with my existing users (I assume I need to extend my membership db to select between them and Janrain tokens)?
View 3 Replies