Re: AuthenticateRequest in Global.asax and a custom HTTP Module
From: Dominick Baier [DevelopMentor] (dbaier_at_pleasepleasenospamdevelop.com)
Date: 05/26/05
- Next message: Dominick Baier [DevelopMentor]: "Re: Single Sign-On with Forms Authentication"
- Previous message: Dominick Baier [DevelopMentor]: "Re: URGENT: please help ASP.NET Forms authentication and recycling of application pool"
- In reply to: Leslie: "Re: AuthenticateRequest in Global.asax and a custom HTTP Module"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 26 May 2005 00:13:05 -0700
Hello Leslie,
the difference of global.asax and a httpModule is packaging. the module is
a dll (which can be potentially shared or GACed) - global.asax is always
local to that one app.
But if you are using WebServices - you should consider using WSE with UsernameTokens
- i don't think you should roll your own authentication scheme!
---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com
> Thanks for helpine me here. If I understand you correctly, I think
> you are talking about form authentication. However, since I am
> writing a web service application, I can't use this approach. That is
> why I am thinking to use AuthenticateRequest from either the
> Blobal.asax or a custom HTTP module. But I am not sure about the
> difference of these two. Do you know?
>
> "Brock Allen" wrote:
>
>>> I think that I could put my authentication code in
>>> AuthenticateRequest event in either Global.asax or in a custom HTTP
>>> module. However, I don't know what is the difference between them.
>>> And is there any implication if I make the choice of one way or the
>>> other?
>>>
>> Authentication is done in your custom login page. Once you are
>> confident the user has provided proper credentials you then want to
>> call FormsAuthentication.SetAuthCookie or
>> FormsAuthentication.RedirectFromLoginPage. This will issue a cookie
>> that will identify the user.
>>
>> So, in short, you just need to build the login page.
>>
>> -Brock
>> DevelopMentor
>> http://staff.develop.com/ballen
- Next message: Dominick Baier [DevelopMentor]: "Re: Single Sign-On with Forms Authentication"
- Previous message: Dominick Baier [DevelopMentor]: "Re: URGENT: please help ASP.NET Forms authentication and recycling of application pool"
- In reply to: Leslie: "Re: AuthenticateRequest in Global.asax and a custom HTTP Module"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
