Here are the basics... I have 3 websites (same IIS server - but all different sites)... Public (which is .net 5) which is just a static site with information pages. I have OldProvider which is an old asp classic site and NewProvider which is the (currently being) rewritten OldProvider site (in .Net 8).
Public has a login page (to get to the OldProvider) that is literally just forwarding to the OldProvider site login.asp page. This is the form call on the login page on Public
<form action="@Configuration["PortalUrl"]/Login.asp" method="POST">
This all works absolutely fine. The UserName and Password get redirected to the login.asp page on OldProvider and OldProvider handles the login and does what it should do... all good there...
So now we have NewProvider. We are currently only bringing users over in stages, so we have it set that on NewProvider, when they log in, it sees if they should stay in NewProvider or get redirected to OldProvider.
Because I have to actually check NewProvider and see what I should be doing with the user, the code behind has this in the Controller.cs file if they are supposed to go to OldProvider
return Redirect($"{_config["PortalURL"]}/Login.asp");
Now... this works in and of itself that it's taking me to the login.asp file in OldProvider but its not forwarding the request data (username and password) in the redirect.
How can I send the username and password into the redirect so that the classic asp page can read that information and do it's processing.
I've verified that I'm using the same id/name for UserName and Password that are both on Public and OldProvider as far as reading from the request...
This is a case where it may help knowing how HTTP and browsers work. The Redirect method returns the 302 Found status code to the browser, which may change, say, a POST to a GET, thereby losing information from a posted form.
"For historical reasons, a user agent MAY change the request method from POST to GET for the subsequent request. If this behavior is undesired, the 307 (Temporary Redirect) status code can be used instead."
- HTTP Semantics, R. Fielding (Ed.), 2022
As the spec suggests, you may try a 307 (Temporary Redirect) instead. Here's a discussion about how to do that with ASP.NET: Return 307 Temporary Redirect in ASP.NET MVC.