HTTPS - Mvc3 - Visual Studio 2010

Question

HTTPS - Mvc3 - Visual Studio 2010

I have a requirement that the site should always open in https mode (except for local development). This is an internal application.

When I run the site with web.config set to true for https, it looks like the site goes in a circular motion and repeats the request over and over.

public static void RegisterGlobalFilters(GlobalFilterCollection filters)
    {
        filters.Add(new HandleErrorAttribute());

        //make sure that the remote site opens in https mode.
        bool isSSL = false;
        bool.TryParse(ConfigurationManager.AppSettings[ApplicationKeys.IsSSLRequired], out isSSL);
        if (isSSL && !HttpContext.Current.Request.IsLocal && !HttpContext.Current.Request.IsSecureConnection)
            filters.Add(new RequireHttpsAttribute());

    }
protected void Application_Start()
    {
        AreaRegistration.RegisterAllAreas();

        RegisterGlobalFilters(GlobalFilters.Filters);
        RegisterRoutes(RouteTable.Routes);
        //RouteDebug.RouteDebugger.RewriteRoutesForTesting(RouteTable.Routes);

        //wire up Unity IoC
        container = new UnityContainer();
        UnityBootstrapper.ConfigureContainer(container);
        EntityMapper.MapEntities();
        DependencyResolver.SetResolver(new UnityDependencyResolver(container));
        //wire up Unity Controller Factory
        ControllerBuilder.Current.SetControllerFactory(new UnityControllerFactory());
    }

What am I missing here?

+3

https asp.net-mvc-3

learning ... 19 Mar 12 at 21:43

source to share

4 answers

You can use IIS Express which supports SSL to host your site.

+2

Darin Dimitrov 19 Mar 12 at 21:50

source to share

In your Global.asax:

protected void Application_BeginRequest()
{
    bool isSSL = false;
    bool.TryParse(ConfigurationManager.AppSettings[ApplicationKeys.IsSSLRequired], out isSSL);
    if (isSSL && !Context.Request.IsSecureConnection)
        Response.Redirect(Context.Request.Url.ToString().Replace("http:", "https:"));
}

0

Dmitry 19 Mar 12 at 21:55

source to share

Just a thought. Is HttpContext.Current.Request available in Application_Start ()?

0

Duncan gravill 19 Mar At 21:58

source to share

David Peden · Accepted Answer · 2012-03-19T21:52:37+0000

Since you are already using web.config to manage this functionality, I suggest you use URL Rewrite .

You can configure a rule to redirect non-HTTPS traffic to HTTPS. See this thread for configuration:

http://forums.iis.net/t/1149780.aspx

Using this, you can further improve your development experience by using web.config transforms to include a rule when deploying to your production environment.

HTTPS - Mvc3 - Visual Studio 2010

More articles: