I'd like to stick with the attribute as it is simple. Apparently VS2010 development server supports HTTPS as it worked without problem which was nice.
I followed the login link, was redirected to 443 and presented with a cert. I entered my credentials and submitted. Then I was redirected to standard port 80 instead of the static port I setup.
This is a minor inconvenience but instead of following this posts solution and implementing a bunch of code to asax/etc http://stackoverflow.com/questions/2736194/use-a-different-port-with-requirehttps-filter-in-mvc2 I thought I could probably just extend the attribute. I've done this with AuthorizeAttribute and it worked well. How do I see what the base RequireHttpsAttribute is doing? Code definition of course only gives signature, MSDN does the same. Do I have to download MVC2 source from somewhere or something?
Other ideas appreciated.