How can I configure my ASP.NET MVC 3 application to use HTTP on login and HTTPS on the rest of the pages?
Now I configured the app to use HTTPS on every page including Login.
Does anyone have any suggestions?
Thanks a lot.
Jeff
Asked
Active
Viewed 572 times
0
-
1Why would you want to run the login over regular HTTP when you have the option to do it over HTTPS? – Christofer Eliasson Feb 23 '12 at 09:12
-
You really don't want to do this, your users would be sending their passwords over the internet in clear text. – James Allen Feb 23 '12 at 09:13
-
I think he means it the other way around. I would like to do the same. – Rob Kent Feb 23 '12 at 09:14
-
See this question: http://stackoverflow.com/questions/1574347/asp-net-mvc-requirehttps – Rob Kent Feb 23 '12 at 09:14
1 Answers
1
You can use the built-in RequireHttpsAttribute see the documentation reference
You can set this on your controller class like this:
[RequireHttps]
public Controller HomeController() { }
All actions of this controller will use Https.
Or directly on a controller action
[RequireHttps]
public ActionResult Index() { }
You may also register this for the entire app on your global.asax
public static void RegisterGlobalFilters(GlobalFilterCollection filters)
{
filters.Add(new HandleErrorAttribute());
filters.Add(new RequireHttpsAttribute());
}
Dominic St-Pierre
- 2,429
- 3
- 27
- 35