Solved

Redirect rewrite back to same address

Posted on 2016-10-26
3
88 Views
Last Modified: 2016-10-27
Hi,

I can not modify code on this problem must do  it in IIS. It is a Microsoft .net frameworks 4.0 website iis6

I have a website that I want a user to get into only from a specific refereed address

Let's ay it is http://www.contoso.com   

there is a page http://www.contoso.com/profile.aspx    I do not want the user going right to http://www.contoso.com/profile.aspx     but want them to go to http://www.contoso.com/default.aspx  .   in default.aspx it will set a security session variable then redirect back to http://www.contoso.com/profile.aspx

How can I do this strictly with IIS?  I can  not change the applications code.
0
Comment
Question by:Charles Baldo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 52

Expert Comment

by:Ryan Chong
ID: 41861677
in your existing codes, is that profile.aspx  will be redirected to default.aspx if there is not session variable being stored?
0
 
LVL 28

Accepted Solution

by:
Dan McFadden earned 500 total points
ID: 41861794
This is not something that IIS can do.  In general, the AppPool that hosts the site/app, has no knowledge of any sessions that exist or not.  The AppPool do not have any configurable interface to talk to the application code to pull a session and check if it valid or not.

The only way I can think of this working is to use the "HTTP_Referer" field in the inbound HTTP request.  This is easily accomplished with the URL Rewrite feature that is available for IIS7+.

Here is an IIS.NET forum dicussion on the same issue.

Link:  https://forums.iis.net/t/1189057.aspx

But you have a technology challenge, namely IIS6.  There are builtin URL Rewrite options for IIS6.  You need to use either a 3rd party commercial ISAPI filter like something from Helicon (Apache compatible URL rewriting for IIS :  http://www.isapirewrite.com/) or an open source product like Ionics Isapi Rewrite Filter (http://iirf.codeplex.com/).

Dan
0
 

Author Closing Comment

by:Charles Baldo
ID: 41862175
Thank you
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
The recent Petya-like ransomware attack served a big blow to hundreds of banks, corporations and government offices The Acronis blog takes a closer look at this damaging worm to see what’s behind it – and offers up tips on how you can safeguard your…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses
Course of the Month6 days, 19 hours left to enroll

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question