HTTPS Question - Protect Single File



I'm Using .NET 3.5 to create an ASP.NET Web application that will run on the
public Internet.

I would like to use HTTPS to protect user IDs and passwords in transit from
the browser to the server. But after successful authentication, other pages
in the site do not need SSL.

From what I understand, we can use HTTPS to protect files in a particular
folder in an all-or-none fashion.

But I would like to protect *only* the login.aspx page, and I would like for
it to be located in the root of the Web site. Can this be done?
Specifically, can we use HTTPS to protect only a single file (login.aspx in
my case) in the root of the Web site - without requiring that all files in
the folder or site be accessed via HTTPS?


Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question