http://www.ISAserver.org ------------------------------------------------------- Thanks. Was getting a root canal when you returned email. ug t > -----Original Message----- > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist- > bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison > Sent: Friday, February 29, 2008 6:09 AM > To: isalist@xxxxxxxxxxxxx > Subject: [isalist] Re: HTTP Redirects > > http://www.ISAserver.org > ------------------------------------------------------- > > You can also specify the vroot in the mapping, so... > https://site.domain.tld/path = https://site.domain.tld/path > > This way, you can limit the changes to a single vroot. > > -----Original Message----- > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist- > bounce@xxxxxxxxxxxxx] On Behalf Of Rob Moore > Sent: Friday, February 29, 2008 5:21 AM > To: isalist@xxxxxxxxxxxxx > Subject: [isalist] Re: HTTP Redirects > > http://www.ISAserver.org > ------------------------------------------------------- > > Except we don't want to have it force SSL on all sections of the site, > only certain directories. What's more, the server hosts several sites, > and we don't want to have to set something in ISA every time we create > a > new site. Is there a way to get ISA to leave 302 responses alone, and > NOT have it "fix" them? Or can we write generic link translation > rules, > similar to the apache rewrite module, to control what parts of the > sites > are redirected? > > Thanks, > Rob > > -----Original Message----- > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist- > bounce@xxxxxxxxxxxxx] > On Behalf Of Jim Harrison > Sent: Wednesday, February 27, 2008 1:56 PM > To: isalist@xxxxxxxxxxxxx > Subject: [isalist] Re: HTTP Redirects > > http://www.ISAserver.org > ------------------------------------------------------- > > This is link translation. > The user connects to a listener/rule combination that allows > http://site.domain.tld and includes link translation. > If a link or redirect comes through that says https://site.domain.tld, > LT will automatically change that to http://site.domain.tld. This is > what LT is for. > You can enter a custom definition that says to change > https://site.domain.tld to https://site.domain.tld, but this will cause > all connections from that site to be redirected to HTTPS. > If that's what you want, you're golden. > > Jim > > -----Original Message----- > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist- > bounce@xxxxxxxxxxxxx] > On Behalf Of Rob Moore > Sent: Wednesday, February 27, 2008 10:24 AM > To: isalist@xxxxxxxxxxxxx > Subject: [isalist] HTTP Redirects > > Hello all- > > Using ISA 2006 Standard. > > We have an Apache server on our network. We are using the Apache > server > to add a forced redirect from HTTP to HTTPS for some pages on one of > the > sites served by that server. If your browser is on our network, this > works fine. Apache replies with a 302 status, and a location header > that includes https://site.domain.tld/file > <https://site.domain.tld/file> just like it should. However, if your > browser is outside our network the reply seems to have been edited so > that the location header now reads http://site.domain.tld/file > <http://site.domain.tld/file> (note the lost 's'). This causes the > browser to enter a redirect loop where it tries the unsecured page > repeatedly, and then fails. Since the only difference is that the > request is going through our ISA server when we're outside the network, > it seems like the ISA server is responsible for the problem. I'm not > even sure how to set the monitoring filter on the ISA server, though, > to > show me what's going on. > > To complicate matters a bit, I don't know how to get the > internally-generated certificate off the Apache server and into the ISA > server. So I published it using the "Publish Non-Web Server Protocols" > wizard. It was working fine until we started using the Apache server to > redirect HTTP requests to HTTPS. > > Is there a way to prevent our ISA server from doing whatever it's doing > that seems to be updating this response header? Or is there a better > approach? (Like, maybe getting the cert off the Apache server and into > the ISA server so we can publish the site like a normal web site?) > > Thanks, > > Rob > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= > > Rob Moore > > Network Manager > > 215-241-7870 > > Help Desk: 800-500-AFSC > > ------------------------------------------------------ > List Archives: //www.freelists.org/archives/isalist/ > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server Articles and Tutorials: > http://www.isaserver.org/articles_tutorials/ > ISA Server Blogs: http://blogs.isaserver.org/ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > Report abuse to listadmin@xxxxxxxxxxxxx > > ------------------------------------------------------ > List Archives: //www.freelists.org/archives/isalist/ > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server Articles and Tutorials: > http://www.isaserver.org/articles_tutorials/ > ISA Server Blogs: http://blogs.isaserver.org/ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > Report abuse to listadmin@xxxxxxxxxxxxx > > > ------------------------------------------------------ > List Archives: //www.freelists.org/archives/isalist/ > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server Articles and Tutorials: > http://www.isaserver.org/articles_tutorials/ > ISA Server Blogs: http://blogs.isaserver.org/ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx