IIS Default Redirect

Question

In IIS7, if the default redirect at the website level is a relative path, how to make the default redirect is on https and not http.

Currently if the host is: abc.com and the login page is abc.com/myapp/login.aspx, I set the default redirect (IIS manager -> HTTPRedirect) to /myapp/login.aspx. So, if the user enters abc.com in his browser address bar, he gets redirected to http://abc.com/myapp/login.aspx. I want to make sure the user gets redirected to http*s*://abc.com/myapp/login.aspx.

Would it need a web.config at the root level?

Note that this cannot be done in asp.net code, because the asp.net code is not involved in the processing of this request

Edit: One way to do it is having a "default" web app i.e. web app deployed at the root (web site) level and then use the standard redirection module available with asp.net. Any thoughts on pros, cons?

Answer 1

Finally we came up with 3 different options:

1. Use an index.htm at the "Web Site" level and put a javascript that would set the window.location.href to the https URL.
2. Use the IIS URL rewrite module
3. Use a custom asp.net module to do the redirection to a https URL. The dll for this module will be registered in GAC and the module configured at the "Web Site" level. The registration in GAC is necessary because the module will be invoked for the child applications of the "Web Site"

The option 3 was selected based on :

1. Ease of Deployment. Installing the rewrite module on all the front end servers is more complex than installing a dll in GAC
2. Support for non-browser User Agents that will not parse the javascript. This eliminates option 1.