We use Microsoft Exchange at work, and a lot of people access it via Outlook Web Access. Shortly after installing Exchange, many years ago, I obtained a real SSL certificate from Thawte and secured the OWA web. Trouble is, if people happen to type in http://owa.example.com IIS just posts an error and does not redirect them to the https: url. I just dropped an index.htm file into the directory with a refresh meta-tag to redirect them to the SSL site. This has bothered me for a bit, as I really wanted to do it with a 301 redirect in the HTTP response header.
So, a bit of tinkering, and some reading – notably http://kojiroh.wordpress.com/2006/09/06/hello-world/ and I came up with some classic ASP code that would do the necessary for me.
<%
Response.Status="301 Moved Permanently"
Response.AddHeader "Location", "https://owa.example.com/owa"
%>
Stick this into whatever your server’s default document is, in my case default.asp and it neatly does a 301 redirect to the correct site, including the /owa directory for OWA 2007. It also works for folks using https: but not putting the /owa at the end. You will obviously need to activate .asp on your server for this to work if you have not already done so. When installing Exchange it does not activate active server pages, as OWA is developped in .NET. To do this, expand “Web Service Connections” in your IIS Services Manager MMC Snapin, and find the “Active Server Pages” web service extention. Change it from “Prohibited” to “allowed”. If you don’t take this step, IIS will send a “404 Not Found” return code when you call your default.asp script – which is a little confusing.
Also, bear in mind that you are opening another way for the server to run server side scripts, so you need to be aware of the potential implications of tunring on .asp processing on your server.
You can of course do this with asp.NET as well. The code you need to place on your server in a .aspx file this time is:
<script language="c#" runat="server">
private void Page_Load(object sender, System.EventArgs e)
{
Response.Status = "301 Moved Permanently";
Response.AddHeader("Location","https://owa.example.com/owa");
}
</script>
The first line, <script language="c#" runat="server"> has been set to tell the server that you are executing C# code, as the asp.NET settings on my server defaulted to vb.NET. You may find that your server gives you a 404 error when trying this. If that happens, it is because asp.NET is not enabled on the webroot where you have placed your .aspx file. To fix this, right-click on the containing folder in IIS Management MMC Snapin, and select the “ASP.NET” tab. Make sure that you have the correct version of ASP, in my case 2.0.50727 showing in the ASP.NET version field. I would also consider not running this script in the same application as OWA, so under the home-directory tab, either create a new application, or use the “Default Application”, provided your server is not also doing something else in there.
Problem solved… simple eh!
