public void OnActionExecuted(ActionExecutedContext filterContext) { var settings = _sslService.GetSettings(); if (!settings.Enabled) { _orchardServices.Notifier.Warning(T("You need to configure the SSL settings.")); } }
public IEnumerable <NotifyEntry> GetNotifications() { var workContext = _orchardServices.WorkContext; var settings = _sslService.GetSettings(); if (!settings.Enabled) { var urlHelper = new UrlHelper(workContext.HttpContext.Request.RequestContext); var url = urlHelper.Action("Ssl", "Admin", new { Area = "Settings" }); yield return(new NotifyEntry { Message = T("The <a href=\"{0}\">SSL settings</a> need to be configured.", url), Type = NotifyType.Warning }); } }
public void OnActionExecuting(ActionExecutingContext filterContext) { var settings = _sslService.GetSettings(); if (filterContext.IsChildAction || !settings.Enabled) { return; } var user = filterContext.HttpContext.User; var secure = (user != null && user.Identity.IsAuthenticated) || _sslService.ShouldBeSecure(filterContext); var request = filterContext.HttpContext.Request; // redirect to a secured connection ? if (secure && !request.IsSecureConnection) { var secureActionUrl = AppendQueryString( request.QueryString, _sslService.SecureActionUrl( filterContext.ActionDescriptor.ActionName, filterContext.ActionDescriptor.ControllerDescriptor.ControllerName, filterContext.RequestContext.RouteData.Values)); filterContext.Result = new RedirectResult(secureActionUrl); return; } // non auth page on a secure canal // nb: needed as the ReturnUrl for LogOn doesn't force the scheme to http, and reuses the current one // Also don't force http on ajax requests. if (!secure && request.IsSecureConnection && !request.IsAjaxRequest()) { var insecureActionUrl = AppendQueryString( request.QueryString, _sslService.InsecureActionUrl( filterContext.ActionDescriptor.ActionName, filterContext.ActionDescriptor.ControllerDescriptor.ControllerName, filterContext.RequestContext.RouteData.Values)); filterContext.Result = new RedirectResult(insecureActionUrl); } }
public bool GetRequiresSSL() { return(_secureSocketsLayerService.GetSettings().Enabled); }