HTTP to HTTPS redirection using ASP.NET HTTP Module
I have been very quiet from last couple of months after moving in to SharePoint space. Let me start with a simple ASP.NET module which I wrote sometime back for HTTP to HTTPS redirection. Recently, I have seen many requests coming with this requirement from developers who has very little control over the web server in a web hosting scenario. They don't want to depend on the web administrator to achieve the simple tasks like redirection from HTTP to HTTPS after hosting their web application (i.e assuming SSL is configured correctly by the administrator).
Here is a simple HTTP module to achieve the HTTP to HTTPS redirection. The module has registered to listen for one event called context_BeginRequest which does the trick when the first request begins.
using System;
using System.Collections.Generic;
using System.Web;
public class Redirect : IHttpModule
{
public Redirect() {}
#region IHttpModule Members
public void Dispose()
{
throw new NotImplementedException();
}
public void Init(HttpApplication context)
{
context.BeginRequest += new EventHandler(context_BeginRequest);
}
void context_BeginRequest(object sender, EventArgs e)
{
HttpApplication AppObject = (HttpApplication)sender;
if (!AppObject.Request.IsSecureConnection)
{
// send user to SSL
string serverName = HttpUtility.UrlEncode(AppObject.Request.ServerVariables["SERVER_NAME"]);
string filePath = AppObject.Request.FilePath;
AppObject.Response.Redirect("https://" + serverName + filePath);
}
}
#endregion
}
You can copy the above code in to class file and save the file as “Redirect.cs”. We can plug this module to ASP.NET pipeline through the application configuration file as shown below. With ASP.NET 2.0, we dont even need to worry about compiling the class in to a DLL. All we need to is put this class file under App_Code (If you don't have one, please create the folder by name “App_Code”) directory of the application root folder. In ASP.NET 2.0 everything under App_Code directory will be compiled in to a single DLL.
<httpModules>
<clear />
<add name="Redirect" type="Redirect"/>
<add name="SPRequest" type="Microsoft.SharePoint.ApplicationRuntime.SPRequestModule, Microsoft.SharePoint, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
<add name="OutputCache" type="System.Web.Caching.OutputCacheModule" />
<add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" />
<add name="UrlAuthorization" type="System.Web.Security.UrlAuthorizationModule" />
<add name="WindowsAuthentication" type="System.Web.Security.WindowsAuthenticationModule" />
<add name="RoleManager" type="System.Web.Security.RoleManagerModule" />
<add name="PublishingHttpModule" type="Microsoft.SharePoint.Publishing.PublishingHttpModule, Microsoft.SharePoint.Publishing, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
</httpModules>
As shown below, you need uncheck the “require SSL” option under SSL Setting for that web application to allow HTTP traffic and for the code to work as expected.
Hope that helps!
Sojesh
Comments
Anonymous
May 26, 2009
PingBack from http://microsoft-sharepoint.simplynetdev.com/http-to-https-redirection-using-aspnet-http-module/Anonymous
May 26, 2009
Thank you for submitting this cool story - Trackback from DotNetShoutoutAnonymous
October 11, 2010
Out of curiosity, why do you thrown the NotImplementedException on the Dispose method instead of just letting it silently do nothing? I assume it's there because IDisposable was implemented somewhere up the chain? If something did call Dispose, wouldn't that create extra overhead tossing the exception? Your insight would be appreciated. :)Anonymous
November 02, 2011
i am gettting Error Could not load type 'Redirect'.Anonymous
November 02, 2011
The comment has been removedAnonymous
April 23, 2013
This post is still relevant after 4 years. Thanks!