Why does Request.IsSecureConnection return false when true is expected. | ansaurus

tags:

views:

709

answers:

1

+2 Q:

Why does Request.IsSecureConnection return false when true is expected.

I have an aspx page which is checking Request.IsSecureConnection to ensure it is true, if not it does a redirect to the the secure page at https://www.domain.com/page.aspx.

The server has an SSL cert installed for the domain, and the browser shows the padlock icon.

The same code ran fine on a different server, but now Request.IsSecureConnection always returns false.

I have created a completely empty aspx file, that just prints the return value of Request.IsSecureConnection and it is still false, so there is no other content coming from a standard http request.

Could anyone suggest what might be causing this, or give any hints on how I might find out what is causing this to always return false?

+1 A:

If there's a load balancing router or similar in front of your web server with ssl termination then the connection from there to your web server won't be over SSL. In this case you usually have to check for a connection on a specific port or for headers being set by the load balancer.

Adam 2009-06-15 21:21:36

Or leave it up to he load balancer to ensure the connection is secure from the client to your website.

David McEwing 2009-06-15 21:22:52

He should be able to confirm this suspicion by outputting Request.UserHostAddress and/or Request.UserHostName on that test page. If those values aren't the client he is connecting from (or a proxy that client is going through), it is likely they will identify some sort of load balancer or reverse proxy that is sitting in front of his web server.

Grant Wagner 2009-06-15 21:25:53

Request.UserHostAddress and Request.UserHostName both return my IP address.

Will 2009-06-15 22:03:42

related questions

Is it better to create Model classes, or just stick with generic database utility class?

What are effective options for embedding video in an ASP.NET web site?

Visual Studio 2008 debugger already attached work-around

Tracking state using ASP.NET AJAX / ICallbackEventHandler

ASP.NET Display SVN Revision Number

ASP.NET URL Rewriting

How can I change the background of a masterpage from the code behind of a content page?

Easy way to AJAX WebControls

How do I define custom web.config sections with potential child elements and attributes for the properties?

ASP.NET MVC "CRUD" Database Sample

Are Multiple DataContext classes ever appropriate?

How to RedirectToAction in ASP.NET MVC without losing request data

Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?

ASP.NET built in user profile, Vs old stile user class/tables

What's a good book for learning ASP?

Bandwith throttling in IIS 6 by IP Address

ASP .Net Custom Client-Side Validation

How to get the value of built, encoded ViewState?

Decent, simple, GIS/mapping component for ASP.NET?

Checklist for IIS 6/ASP.NET Windows Authentication?

How to write to Web.Config in Medium Trust ?

ASP.NET, Visual Studio and Subversion - how to integrate?

Floating Point Number parsing: Is there a Catch All algorithm?

How do I sync the SVN revision number with my ASP.NET web site?

ASP.NET Site Maps