Enable SSL for selected Pages in MOSS

An article on automatically switching between HTTP and HTTPS protocols without hard-coding absolute URLs

I came across a change request of my client who wants to enable SSL on selected pages in MOSS site collection. we all know that we can create SSL enabled web application from scratch. But here the requirement is unique and client requirement says he should be able to Enable SSL on pages of his choice. So it should be configurable and at same time we should be able to maintain session state across http and https. Amazingly MOSS has that ability to support session state when switching across HTTP and HTTPS. I followed the steps below and was able to achieve result
1) Wrote a custom HTTP handler which redirects http to https for selected pages.

2) The page list is read from web.config file.
****** Source code for HTTP handler************************
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Web.Security;
using System.Diagnostics;

namespace Arun.ForceSSL
{
public class ForceSSL : System.Web.IHttpModule
{
#region IHttpModule Members

public void Dispose()
{
throw new NotImplementedException();
}

public void Init(System.Web.HttpApplication context)
{
context.BeginRequest += new EventHandler(context_BeginRequest);

}

#endregion

void context_BeginRequest(object sender, EventArgs e)
{
RedirectSSL(System.Web.HttpContext.Current.Request.Url.PathAndQuery);
}
public void RedirectSSL(string pageURL)
{
//check for the current page exists in the group of pages requiring SSL
//if page is found in ssl group then redirect using https:// otherwise redirect with http://
bool found = false;
string sslPages = System.Configuration.ConfigurationSettings.AppSettings["SSLPages"];
char[] separator;
separator = new char[] { ',' };
string[] pages;
pages = sslPages.Split(separator);
for (int i = 0; i < pages.Length; i++)
{

if( pageURL.ToLower().Contains(pages[i].ToLower()))
{
found = true;
break;
}
}
if (found)
{
if (System.Web.HttpContext.Current.Request.Url.Scheme.ToString() == "http")
{
string sURL = System.Web.HttpContext.Current.Request.Url.ToString();
sURL = sURL.Replace("http://", "https://");
System.Web.HttpContext.Current.Response.Redirect(sURL);

}
}
else
{
if (System.Web.HttpContext.Current.Request.Url.Scheme.ToString() == "https")
{
string sURL = System.Web.HttpContext.Current.Request.Url.ToString();
sURL = sURL.Replace("https://", "http://");
System.Web.HttpContext.Current.Response.Redirect(sURL);
}
}

}
}



}
**********************************Source code for Http handler ends**************
4) Sign this assembly and GAC it.

5) Add this line <httpmodules> section and see that this line is first among all
< name="ForceSSL" type="Arun.ForceSSL.ForceSSL, ForceSSL,Version=1.0.0.0, Culture=neutral,PublicKeyToken=xxxxxxxx">
Add key in Appsettings of web.config file like this.
< key="SSLPages" value="/SitesWithSSL/Pages/SSL1.html,/subsite/Pages/SSL1.aspx">
we can add as many pages we need for this. All these pages would be SSL enabled.

6)Now come to IIS-->WebApplication which needs SSL enabling for selected pages

7)Navigate to Properties--Directory Settings--Secure Communications--Server Certificate-->Assign the existing certificate.
More Details on SSL enabling

8)Assign port 443 for SSL ( we can choose port of our choice, but we should be aware that 443, 80 doesnt require ports to be mentioned in URL, otherwise we have to tweak our code settings to read through those ports)

9)Please be sure that in Directory settings-->SecureCommunications-->Edit-->Require Secure Channel is NOT SELECTED.

10)Now come back to Central Administration-->Operations-->Alternate Access Mappings

11)Add the new URL via internal URL's link.
https://servername//.

12)Perform IISReset-->Now Browse Application..
we can see our selected pages(as specified in web.config) are over SSL mode and the rest are under normal HTTP.

Upload file in MOSS / SharePoint using code

It is easy and simple to upload a file in the document library of MOSS / SharePoint. The code for upload the file in C# is as under: 

SPSite sp = new SPSite(“URL of the site collection”);     

SPWeb site = sp.OpenWeb();      

SPFolder folder = site.GetFolder(“Document Library Name”);     

SPFileCollection files = folder.Files; FileStream fStream = File.OpenRead(“C:\\upload.doc”); //path of the file to upload     

byte[] contents = new byte[fStream.Length];     

fStream.Read(contents, 0, (int)fStream.Length);     

fStream.Close();      

Hashtable MetaDataTable = new Hashtable();     

MetaDataTable.Add(“Comments”, “Hello World”);      

SPFile currentFile = files.Add(“URL of the document library/upload.doc”, contents, MetaDataTable, true); 

You can addd the meta data as well by using Hash Table. We have populated the “Comments” column with “Hello World”. 

With or without using the following code

 SPListItem doc = currentFile.Item;  

We can do a lot of things with the uploaded file.

For more information, visit the Microsoft link. It provides more information about the error checking and other.

create our own custom 404 error page and handle redirect in SharePoint 2007 (MOSS)

People alway ask how to use their own 404 file not found error page vs. the generic one from IE in MOSS environment. The following example catches the 404 error and sends users to a redirect page.

Here's the steps:

1. In your MOSS server, make a copy of

%systemdrive%\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\TEMPLATE\LAYOUTS\1033\sps404.html

and call it my404.html

2. Create a Virtual Directory in IIS under your MOSS root web application. For example /errors

3. Create your own redirect aspx page, for example /errors/my404redirect.aspx and code your redirect logic in there. This is a normal asp.net page.

4. In my404.html, make the following change:

STSNavigate("/errors/my404redirect.aspx?oldUrl=" + requestedUrl);

5. Create a Console Application and insert the following code and run it in MOSS server

System.Uri webApplicationUri = new Uri(http://MyMOSSServer/);

SPWebApplication webApplication = SPWebApplication.Lookup(webApplicationUri);

webApplication.FileNotFoundPage = "my404.html"; //*note

webApplication.Update();

*Note: By default this is set to null. FileNotFoundPage needs to point to a html file that lives in %systemdrive%\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\TEMPLATE\LAYOUTS\1033. The file needs to be html only.

6. Now when you browse to a page that doesn't exist, you should expect to be brought to the redirected page.

*Another note:

In IE there's a "Show friendly HTTP error messages" setting which is ON by default in Internet Options->Advanced. With this setting on, sometimes your custom error page is not displayed. In order to override this setting, both my404.html and /errors/my404redirect.aspx from the above steps need to be larger than 512 bytes in size. Refer to the following KB about this setting: http://support.microsoft.com/kb/218155

* This seems to be working within a site collection context only, i.e. http://MyMOSSServer/sites/siteA if sites is a wildcard inclusion managed path and siteA doesn't exist in MOSS then this URL will NOT trigger the custom 404 error page set to SPWebApplication.FileNotFoundPage property.