Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > ASP.NET and SSL basic question.

Reply
Thread Tools

ASP.NET and SSL basic question.

 
 
Russ
Guest
Posts: n/a
 
      08-24-2003
Hi,

Apologies if this question is a bit basic, but I can't seem to find any
documentation anywhere. I have an asp.net site running on Windows 2003
server, and I need one .aspx page to be secured using SSL. I haven't
bought a certificate yet, but I have set the SLL port to 443 on the web
site.

My question is do I have to create another site on my server, and secure it,
or can I just say create a sub directory on my current site, place my one
aspx page in the and secure the sub directory? I would like, if possible,
to maintian session info between the non secure and the secure parts of the
site, but I'm clueless as to whether this is possible.

Could someone please point me to some documentation?

Thanks,
Russ


 
Reply With Quote
 
 
 
 
Lewis Wang [MSFT]
Guest
Posts: n/a
 
      08-25-2003
Hi Russ,

It's possible to create a sub directory, place the "aspx" page in and
secure the sub directory. It is also possible to maintain the session info
between the non secure and the secure parts of the site,

You may check the following links for more information.

How To: Set Up SSL on a Web Server
<http://msdn.microsoft.com/library/de...-us/dnnetsec/h
tml/SecNetHT16.asp>

813829 INFO: Help Secure Forms Authentication by Using Secure Sockets Layer
<http://support.microsoft.com/?id=813829>

HOW TO: Enable SSL for All Customers Who Interact with Your Web Site in
Internet Information Services
<http://support.microsoft.com/?id=298805>

Hope this helps.

Best regards,
Lewis

This posting is provided "AS IS" with no warranties, and confers no rights.


--------------------
| From: "Russ" <(E-Mail Removed)>
| Subject: ASP.NET and SSL basic question.
| Date: Sun, 24 Aug 2003 13:34:03 +0100
| Lines: 20
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
| Message-ID: <#(E-Mail Removed)>
| Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| NNTP-Posting-Host: client-513-p1-sms.glfd.adsl.virgin.net 81.107.226.0
| Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!tk2msftn gp13.phx.gbl
| Xref: cpmsftngxa06.phx.gbl
microsoft.public.dotnet.framework.aspnet.security: 6407
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
|
| Hi,
|
| Apologies if this question is a bit basic, but I can't seem to find any
| documentation anywhere. I have an asp.net site running on Windows 2003
| server, and I need one .aspx page to be secured using SSL. I haven't
| bought a certificate yet, but I have set the SLL port to 443 on the web
| site.
|
| My question is do I have to create another site on my server, and secure
it,
| or can I just say create a sub directory on my current site, place my one
| aspx page in the and secure the sub directory? I would like, if
possible,
| to maintian session info between the non secure and the secure parts of
the
| site, but I'm clueless as to whether this is possible.
|
| Could someone please point me to some documentation?
|
| Thanks,
| Russ
|
|
|

 
Reply With Quote
 
 
 
 
Russ
Guest
Posts: n/a
 
      08-25-2003
That's great Lewis,

Thank you so much

Russ


"Lewis Wang [MSFT]" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hi Russ,
>
> It's possible to create a sub directory, place the "aspx" page in and
> secure the sub directory. It is also possible to maintain the session info
> between the non secure and the secure parts of the site,
>
> You may check the following links for more information.
>
> How To: Set Up SSL on a Web Server
>

<http://msdn.microsoft.com/library/de...-us/dnnetsec/h
> tml/SecNetHT16.asp>
>
> 813829 INFO: Help Secure Forms Authentication by Using Secure Sockets

Layer
> <http://support.microsoft.com/?id=813829>
>
> HOW TO: Enable SSL for All Customers Who Interact with Your Web Site in
> Internet Information Services
> <http://support.microsoft.com/?id=298805>
>
> Hope this helps.
>
> Best regards,
> Lewis
>
> This posting is provided "AS IS" with no warranties, and confers no

rights.
>
>
> --------------------
> | From: "Russ" <(E-Mail Removed)>
> | Subject: ASP.NET and SSL basic question.
> | Date: Sun, 24 Aug 2003 13:34:03 +0100
> | Lines: 20
> | X-Priority: 3
> | X-MSMail-Priority: Normal
> | X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
> | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
> | Message-ID: <#(E-Mail Removed)>
> | Newsgroups: microsoft.public.dotnet.framework.aspnet.security
> | NNTP-Posting-Host: client-513-p1-sms.glfd.adsl.virgin.net 81.107.226.0
> | Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!tk2msftn gp13.phx.gbl
> | Xref: cpmsftngxa06.phx.gbl
> microsoft.public.dotnet.framework.aspnet.security: 6407
> | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
> |
> | Hi,
> |
> | Apologies if this question is a bit basic, but I can't seem to find any
> | documentation anywhere. I have an asp.net site running on Windows

2003
> | server, and I need one .aspx page to be secured using SSL. I haven't
> | bought a certificate yet, but I have set the SLL port to 443 on the web
> | site.
> |
> | My question is do I have to create another site on my server, and secure
> it,
> | or can I just say create a sub directory on my current site, place my

one
> | aspx page in the and secure the sub directory? I would like, if
> possible,
> | to maintian session info between the non secure and the secure parts of
> the
> | site, but I'm clueless as to whether this is possible.
> |
> | Could someone please point me to some documentation?
> |
> | Thanks,
> | Russ
> |
> |
> |
>



 
Reply With Quote
 
Cliff Harris
Guest
Posts: n/a
 
      09-25-2003
I didn't see anything in the articles that specifically related to how to
maintain session state between requests.
If I set the requireSSL tag to 'true', does it automatically set up the SSL,
or does it just mean that the page
will throw an error if I don't use "https" myself.
If the former is the case, then does this automatically save session state,
or is there still something i have to do
to solve this?

Also, if I want to secure a page by essentially redirecting the user to the
page useing Response.Redirect("https://...."),
how would I, if it's possible, maintain state in this case? Would
Server.Transfer work for this?

THanks,
-Clint


"Lewis Wang [MSFT]" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hi Russ,
>
> It's possible to create a sub directory, place the "aspx" page in and
> secure the sub directory. It is also possible to maintain the session info
> between the non secure and the secure parts of the site,
>
> You may check the following links for more information.
>
> How To: Set Up SSL on a Web Server
>

<http://msdn.microsoft.com/library/de...-us/dnnetsec/h
> tml/SecNetHT16.asp>
>
> 813829 INFO: Help Secure Forms Authentication by Using Secure Sockets

Layer
> <http://support.microsoft.com/?id=813829>
>
> HOW TO: Enable SSL for All Customers Who Interact with Your Web Site in
> Internet Information Services
> <http://support.microsoft.com/?id=298805>
>
> Hope this helps.
>
> Best regards,
> Lewis
>
> This posting is provided "AS IS" with no warranties, and confers no

rights.
>
>
> --------------------
> | From: "Russ" <(E-Mail Removed)>
> | Subject: ASP.NET and SSL basic question.
> | Date: Sun, 24 Aug 2003 13:34:03 +0100
> | Lines: 20
> | X-Priority: 3
> | X-MSMail-Priority: Normal
> | X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
> | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
> | Message-ID: <#(E-Mail Removed)>
> | Newsgroups: microsoft.public.dotnet.framework.aspnet.security
> | NNTP-Posting-Host: client-513-p1-sms.glfd.adsl.virgin.net 81.107.226.0
> | Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!tk2msftn gp13.phx.gbl
> | Xref: cpmsftngxa06.phx.gbl
> microsoft.public.dotnet.framework.aspnet.security: 6407
> | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
> |
> | Hi,
> |
> | Apologies if this question is a bit basic, but I can't seem to find any
> | documentation anywhere. I have an asp.net site running on Windows

2003
> | server, and I need one .aspx page to be secured using SSL. I haven't
> | bought a certificate yet, but I have set the SLL port to 443 on the web
> | site.
> |
> | My question is do I have to create another site on my server, and secure
> it,
> | or can I just say create a sub directory on my current site, place my

one
> | aspx page in the and secure the sub directory? I would like, if
> possible,
> | to maintian session info between the non secure and the secure parts of
> the
> | site, but I'm clueless as to whether this is possible.
> |
> | Could someone please point me to some documentation?
> |
> | Thanks,
> | Russ
> |
> |
> |
>



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
SSL and OpenSSL::SSL::SSLServer accept() born in USSR Ruby 2 09-27-2009 01:46 AM
Maintain session between an SSL page and Non SSL page John Smith Java 0 10-05-2006 12:03 PM
webrick, ssl and non-ssl on the same port Pavel Smerk Ruby 3 08-15-2006 05:51 PM
SSL with backend SSL on CSS 11500 Olivier PELERIN Cisco 0 08-30-2004 08:30 PM
From non-ssl area to ssl ara with a virtual href path? 620 ASP .Net 2 01-06-2004 09:58 PM



Advertisments