473,325 Members | 2,828 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,325 software developers and data experts.

Security Login

PW

I've added a punlic domain security login page to one of my web
applications. I did this because the number of users has increased to a
couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the users.
Previously I used windows authentication.

Is this the method most people use ?

Whats the est method ?

Whats the upside and downside to the method I am using now ?

TIA,
PW


Jun 6 '06 #1
8 3452
your really are not being real clear on what your doing.

"punlic domain security login page "

what the heck does that mean ? I can come up with about 4 possible things
just off the top of my head.


"PW" <pw***@SPAMbigpond.net.au> wrote in message
news:eL**************@TK2MSFTNGP02.phx.gbl...

I've added a punlic domain security login page to one of my web
applications. I did this because the number of users has increased to a
couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the users.
Previously I used windows authentication.

Is this the method most people use ?

Whats the est method ?

Whats the upside and downside to the method I am using now ?

TIA,
PW

Jun 7 '06 #2
On Wed, 7 Jun 2006 06:50:21 +0800, "PW" <pw***@SPAMbigpond.net.au>
wrote:
I've added a punlic domain security login page to one of my web
applications. I did this because the number of users has increased to a
couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the users.
Previously I used windows authentication.

Is this the method most people use ?

Whats the est method ?

Whats the upside and downside to the method I am using now ?


What's a Public Domain Security?

Jeff
Jun 7 '06 #3
Yes

it is easier to have the users enter into a database, but you must then make
sure that each page checks for he users authentication

a way to do this is have them login and if successful assign a session
variable to say that they are in fact logged in, and then make sure you
check for that variable on each secure page
"PW" <pw***@SPAMbigpond.net.au> wrote in message
news:eL**************@TK2MSFTNGP02.phx.gbl...

I've added a punlic domain security login page to one of my web
applications. I did this because the number of users has increased to a
couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the users.
Previously I used windows authentication.

Is this the method most people use ?

Whats the est method ?

Whats the upside and downside to the method I am using now ?

TIA,
PW

Jun 7 '06 #4
PW

Cool ... I am already setting a session variable to TRUE when the user is
authenticated successfully. This variable is checked in an include file
which I already had at the top of each ASP. so it sounds like I'm covered.

Thank!


"Slim" <me@here.com> wrote in message
news:ea**************@TK2MSFTNGP02.phx.gbl...
Yes

it is easier to have the users enter into a database, but you must then
make sure that each page checks for he users authentication

a way to do this is have them login and if successful assign a session
variable to say that they are in fact logged in, and then make sure you
check for that variable on each secure page
"PW" <pw***@SPAMbigpond.net.au> wrote in message
news:eL**************@TK2MSFTNGP02.phx.gbl...

I've added a punlic domain security login page to one of my web
applications. I did this because the number of users has increased to a
couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the
users. Previously I used windows authentication.

Is this the method most people use ?

Whats the est method ?

Whats the upside and downside to the method I am using now ?

TIA,
PW


Jun 7 '06 #5
PW

"Jeff Cochran" <je*********@zina.com> wrote in message
news:44****************@msnews.microsoft.com...
On Wed, 7 Jun 2006 06:50:21 +0800, "PW" <pw***@SPAMbigpond.net.au>
wrote:
I've added a punlic domain security login page to one of my web
applications. I did this because the number of users has increased to a
couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the users.
Previously I used windows authentication.

Is this the method most people use ?

Whats the est method ?

Whats the upside and downside to the method I am using now ?


What's a Public Domain Security?

Jeff

Sorry, I should have explained better. Its a login page (ASP) that I got
off planet source code, a la public domain, free to use.


Jun 7 '06 #6
PW

Sorry, that was a typo, I mean Public Domain login page.

Its a login page (ASP) that I got off planet source code, a la public
domain, free to use.

My main concern is, is using an ASP login process with database lookup as
safe and secure as what I was using before (windows authentication).


"Kyle Peterson" <ky*****@hotmail.com> wrote in message
news:OD**************@TK2MSFTNGP05.phx.gbl...
your really are not being real clear on what your doing.

"punlic domain security login page "

what the heck does that mean ? I can come up with about 4 possible things
just off the top of my head.


"PW" <pw***@SPAMbigpond.net.au> wrote in message
news:eL**************@TK2MSFTNGP02.phx.gbl...

I've added a punlic domain security login page to one of my web
applications. I did this because the number of users has increased to a
couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the
users. Previously I used windows authentication.

Is this the method most people use ?

Whats the est method ?

Whats the upside and downside to the method I am using now ?

TIA,
PW


Jun 7 '06 #7
ya, nothing wrong with forms based authentication
just make sure its is secure and safe from SQL injection .. etc etc

www.aspprotect.com has a free app worth checking out as well

take care

"PW" <pw***@SPAMbigpond.net.au> wrote in message
news:e%****************@TK2MSFTNGP04.phx.gbl...

Cool ... I am already setting a session variable to TRUE when the user is
authenticated successfully. This variable is checked in an include file
which I already had at the top of each ASP. so it sounds like I'm covered.

Thank!


"Slim" <me@here.com> wrote in message
news:ea**************@TK2MSFTNGP02.phx.gbl...
Yes

it is easier to have the users enter into a database, but you must then
make sure that each page checks for he users authentication

a way to do this is have them login and if successful assign a session
variable to say that they are in fact logged in, and then make sure you
check for that variable on each secure page
"PW" <pw***@SPAMbigpond.net.au> wrote in message
news:eL**************@TK2MSFTNGP02.phx.gbl...

I've added a punlic domain security login page to one of my web
applications. I did this because the number of users has increased to a
couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the
users. Previously I used windows authentication.

Is this the method most people use ?

Whats the est method ?

Whats the upside and downside to the method I am using now ?

TIA,
PW



Jun 7 '06 #8

"PW" <pw***@SPAMbigpond.net.au> wrote in message
news:e$**************@TK2MSFTNGP04.phx.gbl...

Sorry, that was a typo, I mean Public Domain login page.

Its a login page (ASP) that I got off planet source code, a la public
domain, free to use.

My main concern is, is using an ASP login process with database lookup as
safe and secure as what I was using before (windows authentication).

That would depend on the implementation of login page. If it sends the
password as a form field then it's not as secure as using windows
authentication. If it uses a challange/response mechanism then it is.

"Kyle Peterson" <ky*****@hotmail.com> wrote in message
news:OD**************@TK2MSFTNGP05.phx.gbl...
your really are not being real clear on what your doing.

"punlic domain security login page "

what the heck does that mean ? I can come up with about 4 possible things just off the top of my head.


"PW" <pw***@SPAMbigpond.net.au> wrote in message
news:eL**************@TK2MSFTNGP02.phx.gbl...

I've added a punlic domain security login page to one of my web
applications. I did this because the number of users has increased to a couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the
users. Previously I used windows authentication.

Is this the method most people use ?

Whats the est method ?

Whats the upside and downside to the method I am using now ?

TIA,
PW



Jun 7 '06 #9

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

7
by: PaulThomas | last post by:
I am fighting with XP-Pro and VS.Net trying to allow some of the pages in my application to be accessable by 'all' I am using <authentication mode="Forms" /> and if I Login - everything works...
12
by: Angelos Karantzalis | last post by:
Is there a way to set Permissions based on user roles by using some configuration file for my application ? I'm coming from a Java background, where that could very easily be accomplished but...
2
by: MW | last post by:
Hi, I'm trying to secure my application. I'm using forms authentication and I check passwords against a database. I have a login.aspx page in the root of my application, pages that I want...
1
by: Friends | last post by:
Hi I need to set security for row level but not based on Database user's login. It should be based on the user table login. For the particular user I need to allow only the particular records to...
0
by: RAB | last post by:
I have created a folder which I named 'Security' with the path ....Inetpub/wwwroot/Security Within the 'Security' folder, I have placed three files. Web.config, default.aspx and login.aspx ...
0
by: Sergio E. | last post by:
Hello, I have a problem with masterpages and forms security. I made a new Web site, in which I have my page of login like of beginning, a master page with only a sitemappath object in it, the...
0
by: Sergio E. | last post by:
Hello, I have a problem with masterpages and forms security. I made a new Web site, in which I have my page login.aspx as the homepage , a master page with only a sitemappath object in it, the...
1
by: Matt MacDonald | last post by:
Hi all, I've been debating for a while (basically since asp.net 2.0 came out) on using the built in mebership classes to handle user management in my web apps. I seem to keep coming upon...
3
by: RedHair | last post by:
I use the Form Authentication and Role base security to secure one ASP.NET 3.5 appication. Below are security settings in web.config <location path="testAdmin.aspx"> <system.web>...
5
by: VictorG | last post by:
Hello, I am trying to secure a webservice using WSE 3.0 and the turnkey usernameForCertificateSecurity profile. I am passing a valid username token, and on the server I have overridden the...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.