SharePoint:公共网站中的 https 区域

发布于 2024-08-26 20:29:50 字数 387 浏览 12 评论 0原文

我正在开发一个使用 SharePoint (WSS) 构建的公共网站。我们需要在网站中添加一个区域,人们可以使用信用卡购买商品,显然该区域需要受到保护。

该网站使用基于表单的身份验证,用户在从 https 区域来回移动时需要保持登录状态。

我知道如何为新的 Web 应用程序/网站集启用 SSL,但这对我来说并不是一个真正的选择,因为该网站已经在线,并且我们不希望整个事情都受到保护。

我对所涉及的 Web 部件(支付模块、购物车等)的开发感到满意,但我无法真正弄清楚如何在创建网站集时仅创建某些 https 页面。

您是否可以提供部署受保护页面的功能?如果是这样,怎么办?您是否可以拥有一个启用了 SSL 但用户被重定向到/来自的区域,而不会丢失其身份验证 (FBA)?

谢谢!

I'm working on a public website that was built using SharePoint (WSS). We need to add an area in the site where people will be able to purchase items with their credit cards and obviously the area needs to be secured.

The website is using Form Based Authentication and the users need to stay logged in when they are moved back and forth from the https zone.

I know how to enable SSL for a new web application / site collection but this isn't really an option for me as the website is already online and we don't want the whole thing to be secured.

I am comfortable with the development of the webparts involved (payment module, shopping cart, etc.) but I can't really figure out how to create only certain https pages when the site collection is created.

Can you have features that deploy pages that are secured? If so, how? Can you have a zone where SSL is enabled but where the users are redirected to and from without losing their authentication (FBA)?

Thanks!

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

×眷恋的温暖 2024-09-02 20:29:50

有几种方法可以解决此问题:

  1. 如果您的防火墙支持,您可以在防火墙级别终止 SSL,并确定哪些页面需要通过 SSL 进行保护(例如使用 ISA 服务器)并保持现有站点不变。

  2. 或者,您可以将现有网站设置为通过 HTTPS 和 HTTP 接受请求。在 IIS 级别,这涉及安装 SSL 证书并在端口 443 上添加附加绑定。在 SharePoint 级别,您还需要添加备用访问映射以使 SharePoint 识别 https URL。我已在 http 记录了这些步骤://www.sharepointconfig.com/2010/03/configuring-a-sharepoint-website-to-allow-ssl-connections/。然后,您可以使用 IIS 7 Url Rewrite 模块或通过 HttpModule 强制特定页面使用 SSL。

  3. 您可以将 Web 应用程序扩展到新的 IIS 网站(Microsoft 在其文章 http://technet.microsoft.com/en-us/library/cc298636.aspx)。这确实增加了运行和管理两个 IIS 网站、web.config 等的开销,这些网站可能需要也可能不需要。此方法还需要某种方法将请求重定向到适当的协议。

There are several ways to approach this:

  1. If your firewall supports it you can terminate SSL at the firewall level and have that determine which pages need to be secured via SSL (e.g. using ISA server) and keep the existing site as is.

  2. Alternatively you can set up the existing web site to accept requests via both HTTPS and HTTP. At the IIS level this involves installing a SSL certificate and adding an additional binding on port 443. At the SharePoint level you also need to add an alternate access mapping to make SharePoint aware of the https URL. I have documented these steps at http://www.sharepointconfig.com/2010/03/configuring-a-sharepoint-website-to-allow-ssl-connections/. You can then enforce specific pages to use SSL using the IIS 7 Url Rewrite module or via a HttpModule.

  3. You can extend the web application onto a new IIS web site (Microsoft does recommend using separate IIS sites for HTTP and SSL in their article at http://technet.microsoft.com/en-us/library/cc298636.aspx). This does add the overhead of running and managing two IIS websites, web.config's etc which may or may not be required. This approach would also need some way of redirecting requests to the appropriate protocol.

断舍离 2024-09-02 20:29:50

您能否不扩展 Web 应用程序而仅在一个 Web 应用程序上启用 SSL?然后,您可以在需要时链接到该网站的安全版本。只要它们位于同一域,FBA cookie 就应该在两个 Web 应用程序上都有效。

Can you not extend the web application and just enable SSL on one web application. Then you can just link to the secured version of the site when you need to. As long as they are both on the same domain the FBA cookie should work on both web apps.

[旋木] 2024-09-02 20:29:50

我尝试的另一个选择是将所有内容保留在同一个 Web 应用程序中,但对其进行设置,以便可以通过 SSL 和非 SSL 进行访问。

然后我会编写一个 HttpModule,它检查传入的请求 url 并在安全和非安全状态之间来回重定向。例如,逻辑可能如下所示

如果请求 url 以 http://mydomain.com/secure 开头

- ->重定向到 https://mydomain.com/secure

否则,如果请求 URL 以 https://mydomain.com/general

-->重定向到 http://mydomain.com/general

否则

-->不执行任何操作,让请求执行

这种方法的优点是 http 模块将更加可靠,并且您不必依赖内容页面中的链接来进行切换。

Another option I would try would be to leave everything in the same web application, but have it set up so that it can be accessed via both SSL and non-SSL.

Then I would write a HttpModule which checks the incoming request url and redirects back and forth between the secure and non-secure states. For example the logic might look something like this

If request url starts with http://mydomain.com/secure

--> Redirect to https://mydomain.com/secure

Else if request url starts with https://mydomain.com/general

--> Redirect to http://mydomain.com/general

Else

--> Do nothing and let request execute

The advantage of this approach is that the http module will be more reliable and you won't have to rely on the links within your content pages to do the switching.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文