开发者

Forms Auth requireSSl and Https

开发者 https://www.devze.com 2022-12-25 01:36 出处：网络

If my login pages are https, does it matter if \"requireSSl\" is true in the forms tab of the web config? 开发者_Go百科

相关专题：asp.net ssl

If my login pages are https, does it matter if "requireSSl" is true in the forms tab of the web config?

Currently I am redirecting pages with IIS to HTTPS. When I set requiressl it seems to cause problems.

Can someone put the two settings in perspective. thanks

if you set https at the server level then requireSsl does not matter (setting it on or off should not make any difference). After setting https required, set a redirect as mentioned in this article:

http://www.jppinto.com/2009/01/automatically-redirect-http-requests-to-https-on-iis-6/

==== reference http://msdn.microsoft.com/en-us/library/system.web.security.formsauthentication.requiressl.aspx

You can specify in the Web.config file for your ASP.NET application whether SSL (Secure Sockets Layer) is required to return the forms-authentication cookie to the server by setting the requireSSL attribute