After some embarrassing posts that showcase just how new I am to ASP.NET (see here, if you're in the mood: http://forum.discountasp.net/showthread.php?t=7930), I believe I have finally pinpointed the root of all my issues. I have a site with a secure gift card purchasing system. I've inherited it from someone who probably knew what they were doing, but they coded it for a much older version. Whenever anyone tries to purchase OR process a gift card (end users and admins), the site speed slows to a crawl. Actually, the word "crawl" seems speedy, compared to how the site performs. All slow pages reference this bit of code, which I think is a custom partial filter for CSS pages. Code: public static void CheckSSL(string root, string rootSecure){ HttpContext httpContext = HttpContext.Current; if (!httpContext.Request.IsSecureConnection){ System.Text.StringBuilder sb = new System.Text.StringBuilder(); sb.Append(httpContext.Request.Url.ToString()); if (sb.ToString().IndexOf(rootSecure) < 0){ sb.Replace(root,rootSecure); httpContext.Response.Redirect(sb.ToString()); } } } I've found this article, but can't seem to apply it to my own code (meaning, I'm still pretty clueless when it comes to this): http://blog.salvoz.com/2009/04/25/PartialSSLAndAuthorizationWithAspNetMVCRevisited.aspx Can anyone clue me in as to how to rewrite the above code and "free up the flow" on my site? You'll have my gratitude forever!
You maybe right that your site is slowing down on accessing ssl protected pages, but I'm not convinced it's specifically related to the code snip you posted because that bit of code simply performs a redirect if a user attempts to access an ssl page without using https at the start of the url. Here's a little example to demonstrate what this code does You have a page at the url https://www.mysite.com/protected.aspx A user attempts to access the page using the url http://www.mysite.com/protected.aspx The CheckSSL function is executed and it recognizes that https has not been used, replaces http with https and performs the redirect to ensure that protected.aspx is accessed using ssl. You can easily prove this theory by accessing one of your protected pages using https. If you do this and it's still slow then it's definitely nothing to do with the CheckSSL function. In short it doesn't look like CheckSSL is the culprit but finding the core of the problem is going to be difficult for you without the right software development tools.
...Nice Joe. ;-) Mr. Boxcar...(Nice sound to it)...I'd take a look, first, at the remote service being called. Keep posting, many of us will do our best to get you through this. All the best, Mark
Thanks all, I definitely should try and dissect the code I'm posting before I do so! Feel a bit silly now. I can usually figure out the issue if it's *not working*, but when it works, just sloooowly? What a nightmare!
Alright, so where can I find what remote service is being called? Is in the securityconfiguration.config settings that I have? Can anyone point me to a good article about it? Thank you so much for putting up with my ignorance!
...To be honest we'd need some sorta magic to know that without looking. ;-) If you don't have a local person you trust to look over the code I'd suggest asking Joe. PM him but realize it will require syncing the site with VS to just take a look. At any rate, you need someone you can trust to just look around. All the best, Mark
What, magic's too much to expect? I do have VS, but I'm just stumbling around in it right now. I'm going to check with a friend first (luckily living in Seattle means no shortage of MS friends, some of which do know this stuff), but I may see about harassing Joe, if he's willing. Thanks so much for pointing me in the right direction!