I’m using MVC 1.0 and have created a RequireSSLAttribute (like the one in ASP.NET

Question

0

Asked: May 13, 20262026-05-13T21:45:45+00:00 2026-05-13T21:45:45+00:00

I’m using MVC 1.0 and have created a RequireSSLAttribute (like the one in ASP.NET

0

I’m using MVC 1.0 and have created a “RequireSSLAttribute” (like the one in ASP.NET MVC 1.0 Futures but ignores SSL directives for local computer). I want to SSL-enable the sign up and login pages to protect the passwords that are being sent. However, I want the rest of the site to be non-SSL.

By adding the [RequireSSL] attribute to my controller’s sign up and login methods, I am able to successfully get the app to redirect to the appropriate page with HTTPS. However, all pages after the sign up or login continue using SSL.

Is there any way to get the app to switch back to HTTP without having to create a “RequireNonSslAttribute” that I’d have to add to all of the other controller methods?

Thanks.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-13T21:45:45+00:00

What if you just add it to the controller action that you redirect to after login? Or add a redirect in your base controller. For example, we do something like this in the base OnActionExecuting:

        if (req.IsSecureConnection && 
            filterContext.RouteData.Values["controller"]
                         .ToString().ToLower() != "home")
        {
            string url = req.Url.ToString().ToLower().Replace("http:", "https:");
            res.Redirect(url);
        }

This was the quickest way for us to accomplish basically the same thing (our home controller had the login-type actions).

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I’m using MVC 1.0 and have created a RequireSSLAttribute (like the one in ASP.NET

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply