|
Home > Archive > IIS Server Security > May 2004 > Redirecting from http to http pops up a login box
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Redirecting from http to http pops up a login box
|
|
| Tony Wright 2004-05-30, 11:52 am |
| Hi,
I am trying to secure a credit card page. I redirect to the credit
card page from the url:
http://mipdev05/features/myshops/Ms...1ca48c&P=1&VT=G
to the url:
https://mipdev05/features/myshops/M...1ca48c&P=1&VT=G
It pops up a logon dialog box for the https, Site:mipdev05
Realm:mipdev05.
The redirect occurs in asp.net (c#). It is simply a
Response.Redirect. I am already logged into the http: site and wish
to use the same credentials to log into the https site without it
popping up the login box.
I have used Server.Transfer, but I am unconvinced that it is using
https.
Any ideas?
Thanks,
Tony
| |
| Jerry Pisk 2004-05-30, 11:52 am |
| It won't happen, as far as the browser cares you're accessing a different
resource, even though it's the same server it's going over a different
protocol so you have to login again. Once you login to the site over both
protocols you can switch back and forth.
Jerry
"Tony Wright" <tonyz.wrightz@consultant.com> wrote in message
news:f7140993.0405261915.2f2b92c1@posting.google.com...
> Hi,
>
> I am trying to secure a credit card page. I redirect to the credit
> card page from the url:
>
http://mipdev05/features/myshops/Ms...1ca48c&P=1&VT=G
> to the url:
>
https://mipdev05/features/myshops/M...1ca48c&P=1&VT=G
>
> It pops up a logon dialog box for the https, Site:mipdev05
> Realm:mipdev05.
>
> The redirect occurs in asp.net (c#). It is simply a
> Response.Redirect. I am already logged into the http: site and wish
> to use the same credentials to log into the https site without it
> popping up the login box.
>
> I have used Server.Transfer, but I am unconvinced that it is using
> https.
>
> Any ideas?
>
> Thanks,
> Tony
| |
| Tony Wright 2004-05-30, 11:52 am |
| So how do all the other sites do it? Do they write code to log from
http to https or something? It seems a bit ridiculous to require
someone to log in to the same site twice...
"Jerry Pisk" <jerryiii@hotmail.com> wrote in message news:<#Ao1kV7QEHA.1396@TK2MSFTNGP12.phx.gbl>...[vbcol=seagreen]
> It won't happen, as far as the browser cares you're accessing a different
> resource, even though it's the same server it's going over a different
> protocol so you have to login again. Once you login to the site over both
> protocols you can switch back and forth.
>
> Jerry
>
> "Tony Wright" <tonyz.wrightz@consultant.com> wrote in message
> news:f7140993.0405261915.2f2b92c1@posting.google.com...
> http://mipdev05/features/myshops/Ms...1ca48c&P=1&VT=G
> https://mipdev05/features/myshops/M...1ca48c&P=1&VT=G
|
|
|
|
|