We have implemented a https for our website, so basically what we have made is implement a redirect.
<rewrite>
<rules>
<rule name="rule - name" enabled="true" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://yourpath" redirectType="youttype" />
</rule>
</rules>
</rewrite>
The redirect is working ok, but I got an issue. Some of the users has saved in the bookmarks the old path like this http://applicationName/Account/Login?ReturnUrl=%2f and the redirect is doing this -> https://applicationName/?ReturnUrl=/ and I get the error you can see below:
401 - Unauthorized: Access is denied due to invalid credentials. You do not have permission to view this directory or page using the credentials that you supplied.
so far what I have tried to fix the issue is add to my appsetting in the web.config some stuff I saw that could solve the problem:
<appSettings>
<add key="autoFormsAuthentication" value="false" />
<add key="enableSimpleMembership" value="false"/>
</appSettings>
and Also
<authorization>
<allow users="*"/>
</authorization>
but I still having the same issue with the redirect. Any idea how can I fix this issue??
Thanks!!
