Freigeben über


HTTP to HTTPS redirection using ASP.NET HTTP Module

I have been very quiet from last couple of months after moving in to SharePoint space. Let me start with a simple  ASP.NET module which I wrote sometime back for HTTP to HTTPS redirection. Recently, I have seen many requests coming with this requirement from developers who has very little control over the web server in a web hosting scenario. They don't want to depend on the web administrator to achieve the simple tasks like redirection from HTTP to HTTPS after hosting their web application (i.e  assuming SSL is configured correctly by the administrator).

Here is a simple HTTP module to achieve the HTTP to HTTPS redirection. The module has registered to listen for one event called context_BeginRequest which does the trick when the first request begins.

 using System;
 using System.Collections.Generic;
 using System.Web;
  
 public class Redirect : IHttpModule
 {
  
     public Redirect() {}
     #region IHttpModule Members
     public void Dispose()
     {
         throw new NotImplementedException();
     }
  
     public void Init(HttpApplication context)
     {
        context.BeginRequest += new EventHandler(context_BeginRequest);
     }
  
     void context_BeginRequest(object sender, EventArgs e)
     {
         HttpApplication AppObject = (HttpApplication)sender;
  
         if (!AppObject.Request.IsSecureConnection)
         {
             // send user to SSL 
             string serverName = HttpUtility.UrlEncode(AppObject.Request.ServerVariables["SERVER_NAME"]);
             string filePath = AppObject.Request.FilePath;
             AppObject.Response.Redirect("https://" + serverName + filePath);
         }
     }
     #endregion
 }

 

You can copy the above code in to class file and save the file as “Redirect.cs”. We can plug this module to ASP.NET pipeline through the application configuration file as shown below. With ASP.NET 2.0, we dont even need to worry about compiling the class in to a DLL. All we need to is put this class file under App_Code (If you don't have one, please create the folder by name “App_Code”) directory of the application root folder. In ASP.NET 2.0 everything under App_Code directory will be compiled in to a single DLL.

 

  <httpModules>
       <clear />
        <add name="Redirect" type="Redirect"/> 
       <add name="SPRequest" type="Microsoft.SharePoint.ApplicationRuntime.SPRequestModule, Microsoft.SharePoint, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
       <add name="OutputCache" type="System.Web.Caching.OutputCacheModule" />
       <add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" />
       <add name="UrlAuthorization" type="System.Web.Security.UrlAuthorizationModule" />
       <add name="WindowsAuthentication" type="System.Web.Security.WindowsAuthenticationModule" />
       <add name="RoleManager" type="System.Web.Security.RoleManagerModule" />
       <add name="PublishingHttpModule" type="Microsoft.SharePoint.Publishing.PublishingHttpModule, Microsoft.SharePoint.Publishing, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
  </httpModules>

 

As shown below, you need uncheck the “require SSL” option under SSL Setting for that web application to allow HTTP traffic and for the code to work as expected.

image 

 

Hope that helps!

Sojesh

Comments

  • Anonymous
    May 26, 2009
    PingBack from http://microsoft-sharepoint.simplynetdev.com/http-to-https-redirection-using-aspnet-http-module/

  • Anonymous
    May 26, 2009
    Thank you for submitting this cool story - Trackback from DotNetShoutout

  • Anonymous
    October 11, 2010
    Out of curiosity, why do you thrown the NotImplementedException on the Dispose method instead of just letting it silently do nothing?  I assume it's there because IDisposable was implemented somewhere up the chain?  If something did call Dispose, wouldn't that create extra overhead tossing the exception?  Your insight would be appreciated. :)

  • Anonymous
    November 02, 2011
    i am gettting Error Could not load type 'Redirect'.

  • Anonymous
    November 02, 2011
    The comment has been removed

  • Anonymous
    April 23, 2013
    This post is still relevant after 4 years. Thanks!