I am developing on Visual Studios a C#/asp.net site to replace the legacy Classic ASP site. We use Air Force CAC cards, and I have configured Visual Studio to use mine. I have a basic start page that has two links to redirects. They redirect to pages inside the visual studio iis server (Local Host). When I start(with or without debugging), it prompts for my certificate, I select and then it goes to the basic start page.If I click on a link to a page on the local host, Windows Security prompts me to select a certificate again, and then will redirect me to the same page on our production site !
I have hard coded the redirect just to make sure it wasn't a problem with my server path. It physically is coded to redirect to localhost:port/_admin/Default.aspx. There is no way it should go to the production URL ! It does it with Internet Explorer and Chrome. I have cleared the cache on the browser, but no change.
The redirect is: Response.Redirect("https://localhost:44365/_admin/Default.aspx");
I am not very sharp with using card authentication, so I relied on a post to make the following configuration changes to the Visual Studio project applicationhost.xml file when I initially started developing this project.:
original: section name = "clientCertificateMappingAuthentication" overrideModeDefault = "Deny"
changed: section name = "clientCertificateMappingAuthentication" overrideModeDefault = "Allow"
original: section name = "iisClientCertificateMappingAuthentication" overrideModeDefault = "Deny"
changed: section name = "iisClientCertificateMappingAuthentication" overrideModeDefault = "Allow"
original: access sslFlags = "None"
changed: access sslFlags = "SslNegotiateCert"
i am hoping that maybe its just misconfigured.
This was an intermittent problem for months (about every 1/2 hour). Now it is constant, and I don't know what changed to make it constant.
Any help would be greatly appreciated !
It seems that a database table was updated yesterday that was partially used for authentication. This changed my user ID in Dev to a different one that is used in Production. V.S. actually was hitting the correct page for about 4 lines of code, inwhich case, based on the wrong UserID, it redirected me. So sorry to have posted this question and wasted anyone time !