I have asp.net app XYZ which requires SSL. I am supposed to work with IIS that has only one Web Site - DefaultWebSite - containing multiple apps and virtual directories (3rd party).
So, my app is located at domain.com/XYZ. I have to meet these conditions:
1.) requesting DefaultWebSite (domain.com) will run my app. It could redirect to ../XYZ, but I would rather not to. If it has to be done this way, requesting DefaultWebSite or my app over both HTTP and HTTPS will always ends up with redirecting to https://domain.com/XYZ
2.) I can't touch any other apps or virtual directories, can't create additional Web Site, can't set DefaultWebSite to require SSL, ...
EDIT:
3.) transmitted data (GET or POST) must be preserved
I tried to:
set Web Site root directory to my app, but it this caused other apps to crash because of my Web.config (not sure why).
set up HTTP redirect on DefaultWebSite to https://domain.com/XYZ. This seems to work correctly, but this doesn't work if user requests my app directly (redirected to domain.com/XYZ/XYZ, or redirect loop).
set up Default Document, but this seems to work only if it is located in the Web Site root directory.
I know I could write simple .aspx with Response.Redirect, but... is there any better solution? Am I missing something?