I have a question about best practices when I use SSL and SharePoint. My scenario is:
I have a WebApplication where allow anonymous access to public, windows authentication to the content editor and a FBA to the external users. The public area should works without SSL and the restrict area with SSL.
My question is what's best to do, create a new WebApplication to the restrict area or even extend it? Or keep only one WebApplication and create a partial SSL(Is it possible?)
If I extend it to a new port 443 for example my public area will be avaible on it and the users could be access it via HTTPS(SSL) I really don't want to give this possibility to that.
Another question is in my application the login(FBA) is a webpart that's in a masterpage, this means that my login webpart is in a HTTP website and I need to log in restrict area that is HTTPS(SSL) area. How the best form to do that?
Thanks in advanced.
View Complete Post