在Rackspace(Mosso)Cloud中托管时检查SSL

我正在使用Request.IsSecureConnection来检查SSL并在适当的地方重定向。 在Rackspace的云上运行我的asp.net网站时,服务器在SSL集群后运行,因此IsSecureConnection将始终返回false。 检查URL是否包含“https://”,始终为false,检查端口等等也是如此。因此网站陷入了大重定向循环。

是否有其他方法可以检查SSL并在适当的位置重定向? 有人在Rackspace的云上实际做过这个吗?

Public Class SecurityAwarePage Inherits Page Private _requireSSL As Boolean = False Public Property RequireSSL() As Boolean Get Return _requireSSL End Get Set(ByVal value As Boolean) _requireSSL = value End Set End Property Private ReadOnly Property IsSecure() As Boolean Get Return Request.IsSecureConnection End Get End Property Protected Overrides Sub OnInit(ByVal e As System.EventArgs) MyBase.OnInit(e) PushSSL() End Sub Private Sub PushSSL() Const SECURE As String = "https://" Const UNSECURE As String = "http://" If RequireSSL AndAlso Not IsSecure Then Response.Redirect(Request.Url.ToString.Replace(UNSECURE, SECURE)) ElseIf Not RequireSSL AndAlso IsSecure Then Response.Redirect(Request.Url.ToString.Replace(SECURE, UNSECURE)) End If End Sub End Class 

虽然很难检查SSL是否参与解决问题的方法是强制使用SSL。

从RackspaceCloud支持知识库 :

您可以在web.config中重写URL:

                 

您可以在ASP.NET中强制使用SSL:

 <%@ Page Language="C#" %>     SSL Only     

我遇到了与Rackspace Cloud同样的问题,最后通过手动实现Request.IsSecureConnection()扩展方法并用我自己的方法替换框架的RequireHttpsAttribute来解决它。 希望其他人也会觉得这很有用。

 ///  /// Replaces framework-provided RequireHttpsAttribute to disable SSL requirement for local requests /// and properly enforce SSL requirement when used with Rackspace Cloud's load balancer ///  [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = false)] public class RequireHttpsAttribute : FilterAttribute, IAuthorizationFilter { public virtual void OnAuthorization(AuthorizationContext filterContext) { if (filterContext == null) { throw new ArgumentNullException("filterContext"); } if (filterContext.HttpContext.Request.IsLocal) return; if (!filterContext.HttpContext.Request.IsSecureConnection()) { HandleNonHttpsRequest(filterContext); } } protected virtual void HandleNonHttpsRequest(AuthorizationContext filterContext) { // only redirect for GET requests, otherwise the browser might not propagate the verb and request // body correctly. if (!String.Equals(filterContext.HttpContext.Request.HttpMethod, "GET", StringComparison.OrdinalIgnoreCase)) { throw new InvalidOperationException("The requested resource can only be accessed via SSL."); } // redirect to HTTPS version of page string url = "https://" + filterContext.HttpContext.Request.Url.Host + filterContext.HttpContext.Request.RawUrl; filterContext.Result = new RedirectResult(url); } } public static class Extensions { ///  /// Gets a value which indicates whether the HTTP connection uses secure sockets (HTTPS protocol). Works with Rackspace Cloud's load balancer ///  ///  ///  public static bool IsSecureConnection(this HttpRequestBase request) { const string rackspaceSslVar = "HTTP_CLUSTER_HTTPS"; return (request.IsSecureConnection || (request.ServerVariables[rackspaceSslVar] != null || request.ServerVariables[rackspaceSslVar] == "on")); } ///  /// Gets a value which indicates whether the HTTP connection uses secure sockets (HTTPS protocol). Works with Rackspace Cloud's load balancer ///  ///  ///  public static bool IsSecureConnection(this HttpRequest request) { const string rackspaceSslVar = "HTTP_CLUSTER_HTTPS"; return (request.IsSecureConnection || (request.ServerVariables[rackspaceSslVar] != null || request.ServerVariables[rackspaceSslVar] == "on")); } }