I know you can do this:
#if !DEBUG
[RequireHttps] //apply to this action only
#endif
What if you are using Web Farm Framework where "the Controller" server receives an outside SSL 443 request, decrypts it, then forwards it to the Primary / Secondary servers using http 80 (without ssl?)
In this environment, I tried the [RequireHttps] attribute but it responded with "The page isn't redirecting properly" in Firefox. Firefox has detected that the server is redirecting the request for this address in a way that will never complete. It's recognizing it's not SSL, but because it strips off SSL, MVC won't ever see SSL attributes.
How would you rewrite certain action methods to use https in MVC 3 in a web farm? How can you do this with [RequireHttps]
or do you have to cherry pick every URL in your website that requires ssl and "URL Rewrite" it?
EDIT:
I changed the controller to identify port 443 traffic and forward it to https on the web farm. I thought I could get away with only loading the SSL certs on the controller, but they need loaded on the Primary and Secondary as well (or only.)
In your action method you can check for a secure connection:
if(Request.IsSecureConnection())
{
// Secure connection logic here
}