By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
431,819 Members | 1,459 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 431,819 IT Pros & Developers. It's quick & easy.

Security Login

P: n/a
PW

I've added a punlic domain security login page to one of my web
applications. I did this because the number of users has increased to a
couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the users.
Previously I used windows authentication.

Is this the method most people use ?

Whats the est method ?

Whats the upside and downside to the method I am using now ?

TIA,
PW


Jun 6 '06 #1
Share this Question
Share on Google+
8 Replies


P: n/a
your really are not being real clear on what your doing.

"punlic domain security login page "

what the heck does that mean ? I can come up with about 4 possible things
just off the top of my head.


"PW" <pw***@SPAMbigpond.net.au> wrote in message
news:eL**************@TK2MSFTNGP02.phx.gbl...

I've added a punlic domain security login page to one of my web
applications. I did this because the number of users has increased to a
couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the users.
Previously I used windows authentication.

Is this the method most people use ?

Whats the est method ?

Whats the upside and downside to the method I am using now ?

TIA,
PW

Jun 7 '06 #2

P: n/a
On Wed, 7 Jun 2006 06:50:21 +0800, "PW" <pw***@SPAMbigpond.net.au>
wrote:
I've added a punlic domain security login page to one of my web
applications. I did this because the number of users has increased to a
couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the users.
Previously I used windows authentication.

Is this the method most people use ?

Whats the est method ?

Whats the upside and downside to the method I am using now ?


What's a Public Domain Security?

Jeff
Jun 7 '06 #3

P: n/a
Yes

it is easier to have the users enter into a database, but you must then make
sure that each page checks for he users authentication

a way to do this is have them login and if successful assign a session
variable to say that they are in fact logged in, and then make sure you
check for that variable on each secure page
"PW" <pw***@SPAMbigpond.net.au> wrote in message
news:eL**************@TK2MSFTNGP02.phx.gbl...

I've added a punlic domain security login page to one of my web
applications. I did this because the number of users has increased to a
couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the users.
Previously I used windows authentication.

Is this the method most people use ?

Whats the est method ?

Whats the upside and downside to the method I am using now ?

TIA,
PW

Jun 7 '06 #4

P: n/a
PW

Cool ... I am already setting a session variable to TRUE when the user is
authenticated successfully. This variable is checked in an include file
which I already had at the top of each ASP. so it sounds like I'm covered.

Thank!


"Slim" <me@here.com> wrote in message
news:ea**************@TK2MSFTNGP02.phx.gbl...
Yes

it is easier to have the users enter into a database, but you must then
make sure that each page checks for he users authentication

a way to do this is have them login and if successful assign a session
variable to say that they are in fact logged in, and then make sure you
check for that variable on each secure page
"PW" <pw***@SPAMbigpond.net.au> wrote in message
news:eL**************@TK2MSFTNGP02.phx.gbl...

I've added a punlic domain security login page to one of my web
applications. I did this because the number of users has increased to a
couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the
users. Previously I used windows authentication.

Is this the method most people use ?

Whats the est method ?

Whats the upside and downside to the method I am using now ?

TIA,
PW


Jun 7 '06 #5

P: n/a
PW

"Jeff Cochran" <je*********@zina.com> wrote in message
news:44****************@msnews.microsoft.com...
On Wed, 7 Jun 2006 06:50:21 +0800, "PW" <pw***@SPAMbigpond.net.au>
wrote:
I've added a punlic domain security login page to one of my web
applications. I did this because the number of users has increased to a
couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the users.
Previously I used windows authentication.

Is this the method most people use ?

Whats the est method ?

Whats the upside and downside to the method I am using now ?


What's a Public Domain Security?

Jeff

Sorry, I should have explained better. Its a login page (ASP) that I got
off planet source code, a la public domain, free to use.


Jun 7 '06 #6

P: n/a
PW

Sorry, that was a typo, I mean Public Domain login page.

Its a login page (ASP) that I got off planet source code, a la public
domain, free to use.

My main concern is, is using an ASP login process with database lookup as
safe and secure as what I was using before (windows authentication).


"Kyle Peterson" <ky*****@hotmail.com> wrote in message
news:OD**************@TK2MSFTNGP05.phx.gbl...
your really are not being real clear on what your doing.

"punlic domain security login page "

what the heck does that mean ? I can come up with about 4 possible things
just off the top of my head.


"PW" <pw***@SPAMbigpond.net.au> wrote in message
news:eL**************@TK2MSFTNGP02.phx.gbl...

I've added a punlic domain security login page to one of my web
applications. I did this because the number of users has increased to a
couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the
users. Previously I used windows authentication.

Is this the method most people use ?

Whats the est method ?

Whats the upside and downside to the method I am using now ?

TIA,
PW


Jun 7 '06 #7

P: n/a
ya, nothing wrong with forms based authentication
just make sure its is secure and safe from SQL injection .. etc etc

www.aspprotect.com has a free app worth checking out as well

take care

"PW" <pw***@SPAMbigpond.net.au> wrote in message
news:e%****************@TK2MSFTNGP04.phx.gbl...

Cool ... I am already setting a session variable to TRUE when the user is
authenticated successfully. This variable is checked in an include file
which I already had at the top of each ASP. so it sounds like I'm covered.

Thank!


"Slim" <me@here.com> wrote in message
news:ea**************@TK2MSFTNGP02.phx.gbl...
Yes

it is easier to have the users enter into a database, but you must then
make sure that each page checks for he users authentication

a way to do this is have them login and if successful assign a session
variable to say that they are in fact logged in, and then make sure you
check for that variable on each secure page
"PW" <pw***@SPAMbigpond.net.au> wrote in message
news:eL**************@TK2MSFTNGP02.phx.gbl...

I've added a punlic domain security login page to one of my web
applications. I did this because the number of users has increased to a
couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the
users. Previously I used windows authentication.

Is this the method most people use ?

Whats the est method ?

Whats the upside and downside to the method I am using now ?

TIA,
PW



Jun 7 '06 #8

P: n/a

"PW" <pw***@SPAMbigpond.net.au> wrote in message
news:e$**************@TK2MSFTNGP04.phx.gbl...

Sorry, that was a typo, I mean Public Domain login page.

Its a login page (ASP) that I got off planet source code, a la public
domain, free to use.

My main concern is, is using an ASP login process with database lookup as
safe and secure as what I was using before (windows authentication).

That would depend on the implementation of login page. If it sends the
password as a form field then it's not as secure as using windows
authentication. If it uses a challange/response mechanism then it is.

"Kyle Peterson" <ky*****@hotmail.com> wrote in message
news:OD**************@TK2MSFTNGP05.phx.gbl...
your really are not being real clear on what your doing.

"punlic domain security login page "

what the heck does that mean ? I can come up with about 4 possible things just off the top of my head.


"PW" <pw***@SPAMbigpond.net.au> wrote in message
news:eL**************@TK2MSFTNGP02.phx.gbl...

I've added a punlic domain security login page to one of my web
applications. I did this because the number of users has increased to a couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the
users. Previously I used windows authentication.

Is this the method most people use ?

Whats the est method ?

Whats the upside and downside to the method I am using now ?

TIA,
PW



Jun 7 '06 #9

This discussion thread is closed

Replies have been disabled for this discussion.