I've added a punlic domain security login page to one of my web
applications. I did this because the number of users has increased to a
couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the users.
Previously I used windows authentication.
Is this the method most people use ?
Whats the est method ?
Whats the upside and downside to the method I am using now ?
TIA,
PW
8  3470 
your really are not being real clear on what your doing.
"punlic domain security login page "
what the heck does that mean ? I can come up with about 4 possible things
just off the top of my head.
"PW" <pw***@SPAMbigp ond.net.au> wrote in message
news:eL******** ******@TK2MSFTN GP02.phx.gbl...
I've added a punlic domain security login page to one of my web
applications. I did this because the number of users has increased to a
couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the users.
Previously I used windows authentication.
Is this the method most people use ?
Whats the est method ?
Whats the upside and downside to the method I am using now ?
TIA,
PW
On Wed, 7 Jun 2006 06:50:21 +0800, "PW" <pw***@SPAMbigp ond.net.au>
wrote: I've added a punlic domain security login page to one of my web
applications . I did this because the number of users has increased to a
couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the users.
Previously I used windows authentication.
Is this the method most people use ?
Whats the est method ?
Whats the upside and downside to the method I am using now ?
What's a Public Domain Security?
Jeff
Yes
it is easier to have the users enter into a database, but you must then make
sure that each page checks for he users authentication
a way to do this is have them login and if successful assign a session
variable to say that they are in fact logged in, and then make sure you
check for that variable on each secure page
"PW" <pw***@SPAMbigp ond.net.au> wrote in message
news:eL******** ******@TK2MSFTN GP02.phx.gbl...
I've added a punlic domain security login page to one of my web
applications. I did this because the number of users has increased to a
couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the users.
Previously I used windows authentication.
Is this the method most people use ?
Whats the est method ?
Whats the upside and downside to the method I am using now ?
TIA,
PW
Cool ... I am already setting a session variable to TRUE when the user is
authenticated successfully. This variable is checked in an include file
which I already had at the top of each ASP. so it sounds like I'm covered.
Thank!
"Slim" <me@here.com> wrote in message
news:ea******** ******@TK2MSFTN GP02.phx.gbl... Yes
it is easier to have the users enter into a database, but you must then
make sure that each page checks for he users authentication
a way to do this is have them login and if successful assign a session
variable to say that they are in fact logged in, and then make sure you
check for that variable on each secure page
"PW" <pw***@SPAMbigp ond.net.au> wrote in message
news:eL******** ******@TK2MSFTN GP02.phx.gbl...
I've added a punlic domain security login page to one of my web
applications. I did this because the number of users has increased to a
couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the
users. Previously I used windows authentication.
Is this the method most people use ?
Whats the est method ?
Whats the upside and downside to the method I am using now ?
TIA,
PW
"Jeff Cochran" <je*********@zi na.com> wrote in message
news:44******** ********@msnews .microsoft.com. .. On Wed, 7 Jun 2006 06:50:21 +0800, "PW" <pw***@SPAMbigp ond.net.au>
wrote:
I've added a punlic domain security login page to one of my web
application s. I did this because the number of users has increased to a
couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the users.
Previously I used windows authentication.
Is this the method most people use ?
Whats the est method ?
Whats the upside and downside to the method I am using now ?
What's a Public Domain Security?
Jeff
Sorry, I should have explained better. Its a login page (ASP) that I got
off planet source code, a la public domain, free to use.
Sorry, that was a typo, I mean Public Domain login page.
Its a login page (ASP) that I got off planet source code, a la public
domain, free to use.
My main concern is, is using an ASP login process with database lookup as
safe and secure as what I was using before (windows authentication) .
"Kyle Peterson" <ky*****@hotmai l.com> wrote in message
news:OD******** ******@TK2MSFTN GP05.phx.gbl... your really are not being real clear on what your doing.
"punlic domain security login page "
what the heck does that mean ? I can come up with about 4 possible things
just off the top of my head.
"PW" <pw***@SPAMbigp ond.net.au> wrote in message
news:eL******** ******@TK2MSFTN GP02.phx.gbl...
I've added a punlic domain security login page to one of my web
applications. I did this because the number of users has increased to a
couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the
users. Previously I used windows authentication.
Is this the method most people use ?
Whats the est method ?
Whats the upside and downside to the method I am using now ?
TIA,
PW
ya, nothing wrong with forms based authentication
just make sure its is secure and safe from SQL injection .. etc etc www.aspprotect.com has a free app worth checking out as well
take care
"PW" <pw***@SPAMbigp ond.net.au> wrote in message
news:e%******** ********@TK2MSF TNGP04.phx.gbl. ..
Cool ... I am already setting a session variable to TRUE when the user is
authenticated successfully. This variable is checked in an include file
which I already had at the top of each ASP. so it sounds like I'm covered.
Thank!
"Slim" <me@here.com> wrote in message
news:ea******** ******@TK2MSFTN GP02.phx.gbl... Yes
it is easier to have the users enter into a database, but you must then
make sure that each page checks for he users authentication
a way to do this is have them login and if successful assign a session
variable to say that they are in fact logged in, and then make sure you
check for that variable on each secure page
"PW" <pw***@SPAMbigp ond.net.au> wrote in message
news:eL******** ******@TK2MSFTN GP02.phx.gbl...
I've added a punlic domain security login page to one of my web
applications. I did this because the number of users has increased to a
couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the
users. Previously I used windows authentication.
Is this the method most people use ?
Whats the est method ?
Whats the upside and downside to the method I am using now ?
TIA,
PW
"PW" <pw***@SPAMbigp ond.net.au> wrote in message
news:e$******** ******@TK2MSFTN GP04.phx.gbl...
Sorry, that was a typo, I mean Public Domain login page.
Its a login page (ASP) that I got off planet source code, a la public
domain, free to use.
My main concern is, is using an ASP login process with database lookup as
safe and secure as what I was using before (windows authentication) .
That would depend on the implementation of login page. If it sends the
password as a form field then it's not as secure as using windows
authentication. If it uses a challange/response mechanism then it is.
"Kyle Peterson" <ky*****@hotmai l.com> wrote in message
news:OD******** ******@TK2MSFTN GP05.phx.gbl... your really are not being real clear on what your doing.
"punlic domain security login page "
what the heck does that mean ? I can come up with about 4 possible
things just off the top of my head.
"PW" <pw***@SPAMbigp ond.net.au> wrote in message
news:eL******** ******@TK2MSFTN GP02.phx.gbl...
I've added a punlic domain security login page to one of my web
applications. I did this because the number of users has increased to
a couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the
users. Previously I used windows authentication.
Is this the method most people use ?
Whats the est method ?
Whats the upside and downside to the method I am using now ?
TIA,
PW
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: PaulThomas |
last post by:
I am fighting with XP-Pro and VS.Net trying to allow some of the pages in my
application to be accessable by 'all' I am using <authentication
mode="Forms" /> and if I Login - everything works fine. My code comes from
a walkthrough (I am learning) and I am currently using
(User.Identity.IsAuthenticated) in the Login.aspx page to validate UserID
against my database (I like it).
What I need is a 'simple' method by which I can set some...
|
by: Angelos Karantzalis |
last post by:
Is there a way to set Permissions based on user roles by using some
configuration file for my application ?
I'm coming from a Java background, where that could very easily be
accomplished but although I've searched around MSDN I can't find a clear
answer to this ...
Thanks a lot guys,
Angel
|
by: MW |
last post by:
Hi,
I'm trying to secure my application.
I'm using forms authentication and I check passwords
against a database.
I have a login.aspx page in the root of my application,
pages that I want to restrict access to are in a folder
below the root called 'secure'.
|
by: Friends |
last post by:
Hi
I need to set security for row level but not based on Database user's
login. It should be based on the user table login. For the particular
user I need to allow only the particular records to access insert,
update delete and select.
Let me explain clearly
For example think we are using asp/asp.net website
|
by: RAB |
last post by:
I have created a folder which I named 'Security' with the path
....Inetpub/wwwroot/Security
Within the 'Security' folder, I have placed three files. Web.config,
default.aspx and login.aspx
The three folders have the following code:
' web.config
<configuration>
| | |
by: Sergio E. |
last post by:
Hello,
I have a problem with masterpages and forms security.
I made a new Web site, in which I have my page of login like of beginning, a
master page with only a sitemappath object in it, the file of map of the
site,
the web.config and another page to do tests.
|
by: Sergio E. |
last post by:
Hello,
I have a problem with masterpages and forms security.
I made a new Web site, in which I have my page login.aspx as the homepage ,
a master page with only a sitemappath object in it, the file of map of the
site,
the web.config and another page to do tests.
In the page redirected from login there are a label and a combo (dropdown)
|
by: Matt MacDonald |
last post by:
Hi all,
I've been debating for a while (basically since asp.net 2.0 came out) on
using the built in mebership classes to handle user management in my web
apps. I seem to keep coming upon roadblocks that keep me from jumping in.
Well this time is no different. While trying to use an asp.net
sqlmembershipprovider to create a new user, I get the following error:
Server Error in '/' Application....
|
by: RedHair |
last post by:
I use the Form Authentication and Role base security to secure one ASP.NET
3.5 appication.
Below are security settings in web.config
<location path="testAdmin.aspx">
<system.web>
<authorization>
<allow roles="Admin"/>
<deny users="*"/>
</authorization>
|
by: VictorG |
last post by:
Hello,
I am trying to secure a webservice using WSE 3.0 and the turnkey
usernameForCertificateSecurity profile. I am passing a valid username
token, and on the server I have overridden the Authenticate token
call
and it is being called. My ASP.NET service has a Login() method and
it is being called during client application startup. Both the client
and service have matching policy config files. Once authentication
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
| | |
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| | |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
|
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |
