Re: Ack.. Where do I start?
From: Stephen Barrett (stephen_barrett@nospam.aoncons.com)
Date: 07/17/02
- Next message: Roger Jennings: "Restore Debugging after Upgrade to DC?"
- Previous message: Anu: "Authentication"
- In reply to: Kevin Albert: "Ack.. Where do I start?"
- Next in thread: Stephen Barrett: "Re: Ack.. Where do I start?"
- Reply: Stephen Barrett: "Re: Ack.. Where do I start?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Stephen Barrett" <stephen_barrett@nospam.aoncons.com> Date: Wed, 17 Jul 2002 16:15:00 -0400
Thanks for the links. I will check them out asap. Our requirements do
prevent us from using Windows Authentication. The application will be
available to 10's of thousands of employees per company. We already have
all the employee info in our database and that is where the webid and pin
are stored.
"Kevin Albert" <kjalbert@software.rockwell.com> wrote in message
news:1899401c22c46$e45edbf0$9ae62ecf@tkmsftngxa02...
> The following article might help you ...
>
> http://msdn.microsoft.com/library/default.asp?
> url=/library/en-
> us/mwsdk/html/mwlrfMobileFormsAuthenticationClass.asp
>
>
> The following listing suggests adding a session identifier
> to the URL when cookies are not available:
>
> http://msdn.microsoft.com/library/default.asp?
> url=/library/en-
> us/dnsqlmag01/html/NotYourFathersASPListing_04.asp
>
>
> Do your requirements prevent you from using Windows
> Authentication?
>
>
> Kevin Albert
>
> >-----Original Message-----
> >I have an ASP.NET application that will be available to
> the masses of
> >different companies. I need to secure the application
> using a
> >login/password combo that is stored in a DBMS (currently
> Oracle). I can
> >easily write the code to do the lookup in the DBMS to
> determine if the
> >user/password combo is valid. What I am struggling with
> is the
> >Authentication/Authorization stuff in ASP.NET. Forms
> based security looked
> >promising, but cannot be used because it uses Cookies.
> Can't use them
> >because of higher up requirements. What is the best way
> for me to proceed
> >in securing my application? I thought about storing
> something special in
> >the session object to let me know they sucessfully logged
> in and then
> >checking it on my template page ancestor I use for all
> pages in the
> >application. This doesn't sound too secure to me
> though. What would be
> >great would be able to do like Form based authentication
> without the cookie.
> >
> >Please help. The online help didn't quite educate me
> enough to know what to
> >do. I have also looked at a couple of ASP.NET books and
> they just basically
> >talk about the standard options.
> >
> >Help?
> >
> >SB
> >
> >
> >.
> >
- Next message: Roger Jennings: "Restore Debugging after Upgrade to DC?"
- Previous message: Anu: "Authentication"
- In reply to: Kevin Albert: "Ack.. Where do I start?"
- Next in thread: Stephen Barrett: "Re: Ack.. Where do I start?"
- Reply: Stephen Barrett: "Re: Ack.. Where do I start?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
