tags:

views:

25

answers:

1
Q: 

aspnet membeship logon page and https redirect

Hello,

I have a gridview control that has on onclick event bound to every cell. Once a user clicks on a cell it directs them to a booking confirmation page and passes 3 url variables. This booking page is behind a aspnet membership and thus if the user is not logged in they are served the login page. The login page has a redirect to https connection in the onload event using the IsSecure property. The issue is once the user logs in, then is returned to the booking confirmation page I lose 2 of the url vars.

If I remove the https redirect, everything works fine, but the user logs on on a http connection, which is not cool.

Appreciate and help

thanks

Reuben

A: 

Short of some extra plumbing that would have to span several hops, your best bet is to stash the data in session until they come out of authentication.

Sky Sanders  2010-03-18 21:22:01
Would I then need to call a client side script to process the vars from the gridview into session vars?thanks
DefSol  2010-03-19 03:29:17
In the code behind of the actual target page, check for session vars and render them back out as you see fit.. If you need these values for clientscript then sure, put them back into the url, or render them into the page output. this was not part of the original question, defsol, and scope creep is just as annoying in SO as in RL. just sayin... lol ;-)
Sky Sanders  2010-03-19 10:23:14
DefSol  2010-03-24 08:11:47
@DefSol, you sure you are not in marketing or higher management? lol. Welcome to SO.
Sky Sanders  2010-03-24 11:00:04

related questions

How would you implement a secure static login credentials system in Java?
Blocking https url's in a embedded gecko browser
Restrict Apache to only allow access using SSL for some directories
How to put up an off-the-shelf https to http gateway?
Rails SSL Requirement plugin -- shouldn't it check to see if you're in production mode before redirecting to https?
What's the best way to learn server RESTful code?
Force HTTPS. How is it possible?
How can I get LWP to validate SSL server certificates?
What must I do to make content such as images served over HTTPS be cached client-side?
What does a PHP developer need to know about https / secure socket layer connections?
What's a clean/simple way to ensure the security of a page?
Making sure a web page is not cached, across all browsers.
Best way in asp.net to force https for an entire site?
Any way to handle Put and Delete verbs in ASP.Net MVC?
Response.Redirect with POST instead of Get?
How to get the correct Content-Length for a POST request.
IIS7: HTTP->HTTPS Cleanly
[ASP.NET ERROR] The request was aborted: Could not create SSL/TLS secure channel.
Testing HTTPS files with MAMP
How do banks remember "your computer"?
Avoid traffic shaping by using ssh on port 443
Convince Firefox to send an If-Modified-Since header over HTTPS
How do you redirect HTTPS to HTTP?
Using mod_rewrite to Mimic SSL Virtual Hosts?
Options for Google Maps over SSL