| Groups | Blog | Home |
iis security : permanent redirect and ssl
we have several different domain names we'd like to route to the same site. simple eough, just add hostheaders. however... we also want the address to be translated so that the primary address is used. eg, if the primary address is http://www.mycompany.com we want http://www.mycompanyalias.com/about/index.asp to not only load the same page as http://www.mycompany.com/about/index.asp, but to actually have the address displayed as http://www.mycompany.com/about/index.asp this is also simple enough... create a 2nd web site on the same ip, have a blank hostheader and have the site redirected to http://www.mycompany.com. so... this site gets all requests to our ip EXCEPT http://www.mycompany.com requests (since it's the hostheader for the primary web site) and redirects them AND translates the address to http://www.mycompany.com the problem lies in ssl regardless of what i set up... it seems the address i type in is preserved. i get the cert warning (cause the cert is issued to www.mycompany.com, not www.mycompanyalias.com) and everything works fine... but i cannot get it to load https://www.mycompany.com as the address. why is this? is there a way to do it? iow, i want http://www.mycompany.com/about/index.asp to go to http://www.mycompany.com/about/index.asp http://www.mycompanyalias.com/about/index.asp to go to http://www.mycompany.com/about/index.asp https://www.mycompany.com/about/index.asp to go to https://www.mycompany.com/about/index.asp https://www.mycompanyalias.com/about/index.asp to go to https://www.mycompany.com/about/index.asp doable? any help would be greatly appreciated. dushan bilbija
Since the redirect over HTTPS is happening correctly (next to the Cert
warning -- which is expected), what you are observing is a browser-specific behavior that cannot be controlled by the server. The server cannot make the client display particular URLs in the URL location bar. -- //David IIS This posting is provided "AS IS" with no warranties, and confers no rights. // [quoted text, click to view] "Dushan Bilbija" <dbilbija@msn.com> wrote in message hellonews:%23%23$ZF9DrEHA.896@TK2MSFTNGP12.phx.gbl... we have several different domain names we'd like to route to the same site. simple eough, just add hostheaders. however... we also want the address to be translated so that the primary address is used. eg, if the primary address is http://www.mycompany.com we want http://www.mycompanyalias.com/about/index.asp to not only load the same page as http://www.mycompany.com/about/index.asp, but to actually have the address displayed as http://www.mycompany.com/about/index.asp this is also simple enough... create a 2nd web site on the same ip, have a blank hostheader and have the site redirected to http://www.mycompany.com. so... this site gets all requests to our ip EXCEPT http://www.mycompany.com requests (since it's the hostheader for the primary web site) and redirects them AND translates the address to http://www.mycompany.com the problem lies in ssl regardless of what i set up... it seems the address i type in is preserved. i get the cert warning (cause the cert is issued to www.mycompany.com, not www.mycompanyalias.com) and everything works fine... but i cannot get it to load https://www.mycompany.com as the address. why is this? is there a way to do it? iow, i want http://www.mycompany.com/about/index.asp to go to http://www.mycompany.com/about/index.asp http://www.mycompanyalias.com/about/index.asp to go to http://www.mycompany.com/about/index.asp https://www.mycompany.com/about/index.asp to go to https://www.mycompany.com/about/index.asp https://www.mycompanyalias.com/about/index.asp to go to https://www.mycompany.com/about/index.asp doable? any help would be greatly appreciated. dushan bilbija
ah ok... so the server sends the 301 response and the browser interprets
that as it sees fit? or does it have something to do with https requests being encrypted? [quoted text, click to view] "David Wang [Msft]" <someone@online.microsoft.com> wrote in message news:eVSiBcErEHA.1160@tk2msftngp13.phx.gbl... > Since the redirect over HTTPS is happening correctly (next to the Cert > warning -- which is expected), what you are observing is a browser-specific > behavior that cannot be controlled by the server. The server cannot make > the client display particular URLs in the URL location bar. > > -- > //David > IIS > This posting is provided "AS IS" with no warranties, and confers no rights. > // > "Dushan Bilbija" <dbilbija@msn.com> wrote in message > news:%23%23$ZF9DrEHA.896@TK2MSFTNGP12.phx.gbl... > hello > > we have several different domain names we'd like to route to the same site. > simple eough, just add hostheaders. however... we also want the address to > be translated so that the primary address is used. > > eg, if the primary address is http://www.mycompany.com we want > http://www.mycompanyalias.com/about/index.asp to not only load the same page > as http://www.mycompany.com/about/index.asp, but to actually have the > address displayed as http://www.mycompany.com/about/index.asp > > this is also simple enough... create a 2nd web site on the same ip, have a > blank hostheader and have the site redirected to http://www.mycompany.com. > so... this site gets all requests to our ip EXCEPT http://www.mycompany.com > requests (since it's the hostheader for the primary web site) and redirects > them AND translates the address to http://www.mycompany.com > > the problem lies in ssl > > regardless of what i set up... it seems the address i type in is preserved. > i get the cert warning (cause the cert is issued to www.mycompany.com, not > www.mycompanyalias.com) and everything works fine... but i cannot get it to > load https://www.mycompany.com as the address. > > why is this? is there a way to do it? > > iow, i want > > http://www.mycompany.com/about/index.asp to go to > http://www.mycompany.com/about/index.asp > http://www.mycompanyalias.com/about/index.asp to go to > http://www.mycompany.com/about/index.asp > > https://www.mycompany.com/about/index.asp to go to > https://www.mycompany.com/about/index.asp > https://www.mycompanyalias.com/about/index.asp to go to > https://www.mycompany.com/about/index.asp > > doable? > > any help would be greatly appreciated. > > dushan bilbija > > > >
Correct. The server can only send the 301/302 response and tell the client
"go to THIS URL". What the client does with this information is completely up to it. It can ignore the URL, follow the URL, popup dialog boxes, set the value in the URL location bar, crash, etc. -- //David IIS This posting is provided "AS IS" with no warranties, and confers no rights. // [quoted text, click to view] "Dushan Bilbija" <dbilbija@msn.com> wrote in message ah ok... so the server sends the 301 response and the browser interpretsnews:eVZ1bjHrEHA.1272@TK2MSFTNGP09.phx.gbl... that as it sees fit? or does it have something to do with https requests being encrypted? [quoted text, click to view] "David Wang [Msft]" <someone@online.microsoft.com> wrote in message news:eVSiBcErEHA.1160@tk2msftngp13.phx.gbl... > Since the redirect over HTTPS is happening correctly (next to the Cert > warning -- which is expected), what you are observing is a browser-specific > behavior that cannot be controlled by the server. The server cannot make > the client display particular URLs in the URL location bar. > > -- > //David > IIS > This posting is provided "AS IS" with no warranties, and confers no rights. > // > "Dushan Bilbija" <dbilbija@msn.com> wrote in message > news:%23%23$ZF9DrEHA.896@TK2MSFTNGP12.phx.gbl... > hello > > we have several different domain names we'd like to route to the same site. > simple eough, just add hostheaders. however... we also want the address to > be translated so that the primary address is used. > > eg, if the primary address is http://www.mycompany.com we want > http://www.mycompanyalias.com/about/index.asp to not only load the same page > as http://www.mycompany.com/about/index.asp, but to actually have the > address displayed as http://www.mycompany.com/about/index.asp > > this is also simple enough... create a 2nd web site on the same ip, have a > blank hostheader and have the site redirected to http://www.mycompany.com. > so... this site gets all requests to our ip EXCEPT http://www.mycompany.com > requests (since it's the hostheader for the primary web site) and redirects > them AND translates the address to http://www.mycompany.com > > the problem lies in ssl > > regardless of what i set up... it seems the address i type in is preserved. > i get the cert warning (cause the cert is issued to www.mycompany.com, not > www.mycompanyalias.com) and everything works fine... but i cannot get it to > load https://www.mycompany.com as the address. > > why is this? is there a way to do it? > > iow, i want > > http://www.mycompany.com/about/index.asp to go to > http://www.mycompany.com/about/index.asp > http://www.mycompanyalias.com/about/index.asp to go to > http://www.mycompany.com/about/index.asp > > https://www.mycompany.com/about/index.asp to go to > https://www.mycompany.com/about/index.asp > https://www.mycompanyalias.com/about/index.asp to go to > https://www.mycompany.com/about/index.asp > > doable? > > any help would be greatly appreciated. > > dushan bilbija > > > >
Don't see what you're looking for? Try a search.
|
June 2003
July 2003
August 2003
September 2003
October 2003
November 2003
December 2003
January 2004
February 2004
March 2004
April 2004
May 2004
June 2004
July 2004
August 2004
September 2004
October 2004
November 2004
December 2004
January 2005
February 2005
March 2005
April 2005
May 2005
June 2005
July 2005
August 2005
September 2005
October 2005
November 2005
December 2005
January 2006
February 2006
March 2006
April 2006
May 2006
June 2006
July 2006
August 2006
September 2006
October 2006
November 2006
December 2006
January 2007
February 2007
March 2007
April 2007
May 2007
June 2007
July 2007
August 2007
September 2007
October 2007
November 2007
December 2007
January 2008
February 2008
March 2008
April 2008
May 2008
June 2008
| home · blog · groups | Questions? Comments? Contact the dn |