I've added a punlic domain security login page to one of my web
applications. I did this because the number of users has increased to a
couple of dozen, and having them all added as users on my machine was
becoming cumbersome. I find this method a lot easier to manage the users.
Previously I used windows authentication.
Is this the method most people use ?
Whats the est method ?
Whats the upside and downside to the method I am using now ?
TIA,
PW 8 3452
your really are not being real clear on what your doing.
"punlic domain security login page "
what the heck does that mean ? I can come up with about 4 possible things
just off the top of my head.
"PW" <pw***@SPAMbigpond.net.au> wrote in message
news:eL**************@TK2MSFTNGP02.phx.gbl... I've added a punlic domain security login page to one of my web applications. I did this because the number of users has increased to a couple of dozen, and having them all added as users on my machine was becoming cumbersome. I find this method a lot easier to manage the users. Previously I used windows authentication.
Is this the method most people use ?
Whats the est method ?
Whats the upside and downside to the method I am using now ?
TIA, PW
On Wed, 7 Jun 2006 06:50:21 +0800, "PW" <pw***@SPAMbigpond.net.au>
wrote: I've added a punlic domain security login page to one of my web applications. I did this because the number of users has increased to a couple of dozen, and having them all added as users on my machine was becoming cumbersome. I find this method a lot easier to manage the users. Previously I used windows authentication.
Is this the method most people use ?
Whats the est method ?
Whats the upside and downside to the method I am using now ?
What's a Public Domain Security?
Jeff
Yes
it is easier to have the users enter into a database, but you must then make
sure that each page checks for he users authentication
a way to do this is have them login and if successful assign a session
variable to say that they are in fact logged in, and then make sure you
check for that variable on each secure page
"PW" <pw***@SPAMbigpond.net.au> wrote in message
news:eL**************@TK2MSFTNGP02.phx.gbl... I've added a punlic domain security login page to one of my web applications. I did this because the number of users has increased to a couple of dozen, and having them all added as users on my machine was becoming cumbersome. I find this method a lot easier to manage the users. Previously I used windows authentication.
Is this the method most people use ?
Whats the est method ?
Whats the upside and downside to the method I am using now ?
TIA, PW
Cool ... I am already setting a session variable to TRUE when the user is
authenticated successfully. This variable is checked in an include file
which I already had at the top of each ASP. so it sounds like I'm covered.
Thank!
"Slim" <me@here.com> wrote in message
news:ea**************@TK2MSFTNGP02.phx.gbl... Yes
it is easier to have the users enter into a database, but you must then make sure that each page checks for he users authentication
a way to do this is have them login and if successful assign a session variable to say that they are in fact logged in, and then make sure you check for that variable on each secure page
"PW" <pw***@SPAMbigpond.net.au> wrote in message news:eL**************@TK2MSFTNGP02.phx.gbl... I've added a punlic domain security login page to one of my web applications. I did this because the number of users has increased to a couple of dozen, and having them all added as users on my machine was becoming cumbersome. I find this method a lot easier to manage the users. Previously I used windows authentication.
Is this the method most people use ?
Whats the est method ?
Whats the upside and downside to the method I am using now ?
TIA, PW
"Jeff Cochran" <je*********@zina.com> wrote in message
news:44****************@msnews.microsoft.com... On Wed, 7 Jun 2006 06:50:21 +0800, "PW" <pw***@SPAMbigpond.net.au> wrote:
I've added a punlic domain security login page to one of my web applications. I did this because the number of users has increased to a couple of dozen, and having them all added as users on my machine was becoming cumbersome. I find this method a lot easier to manage the users. Previously I used windows authentication.
Is this the method most people use ?
Whats the est method ?
Whats the upside and downside to the method I am using now ?
What's a Public Domain Security?
Jeff
Sorry, I should have explained better. Its a login page (ASP) that I got
off planet source code, a la public domain, free to use.
Sorry, that was a typo, I mean Public Domain login page.
Its a login page (ASP) that I got off planet source code, a la public
domain, free to use.
My main concern is, is using an ASP login process with database lookup as
safe and secure as what I was using before (windows authentication).
"Kyle Peterson" <ky*****@hotmail.com> wrote in message
news:OD**************@TK2MSFTNGP05.phx.gbl... your really are not being real clear on what your doing.
"punlic domain security login page "
what the heck does that mean ? I can come up with about 4 possible things just off the top of my head.
"PW" <pw***@SPAMbigpond.net.au> wrote in message news:eL**************@TK2MSFTNGP02.phx.gbl... I've added a punlic domain security login page to one of my web applications. I did this because the number of users has increased to a couple of dozen, and having them all added as users on my machine was becoming cumbersome. I find this method a lot easier to manage the users. Previously I used windows authentication.
Is this the method most people use ?
Whats the est method ?
Whats the upside and downside to the method I am using now ?
TIA, PW
ya, nothing wrong with forms based authentication
just make sure its is secure and safe from SQL injection .. etc etc www.aspprotect.com has a free app worth checking out as well
take care
"PW" <pw***@SPAMbigpond.net.au> wrote in message
news:e%****************@TK2MSFTNGP04.phx.gbl... Cool ... I am already setting a session variable to TRUE when the user is authenticated successfully. This variable is checked in an include file which I already had at the top of each ASP. so it sounds like I'm covered.
Thank!
"Slim" <me@here.com> wrote in message news:ea**************@TK2MSFTNGP02.phx.gbl... Yes
it is easier to have the users enter into a database, but you must then make sure that each page checks for he users authentication
a way to do this is have them login and if successful assign a session variable to say that they are in fact logged in, and then make sure you check for that variable on each secure page
"PW" <pw***@SPAMbigpond.net.au> wrote in message news:eL**************@TK2MSFTNGP02.phx.gbl... I've added a punlic domain security login page to one of my web applications. I did this because the number of users has increased to a couple of dozen, and having them all added as users on my machine was becoming cumbersome. I find this method a lot easier to manage the users. Previously I used windows authentication.
Is this the method most people use ?
Whats the est method ?
Whats the upside and downside to the method I am using now ?
TIA, PW
"PW" <pw***@SPAMbigpond.net.au> wrote in message
news:e$**************@TK2MSFTNGP04.phx.gbl... Sorry, that was a typo, I mean Public Domain login page.
Its a login page (ASP) that I got off planet source code, a la public domain, free to use.
My main concern is, is using an ASP login process with database lookup as safe and secure as what I was using before (windows authentication).
That would depend on the implementation of login page. If it sends the
password as a form field then it's not as secure as using windows
authentication. If it uses a challange/response mechanism then it is.
"Kyle Peterson" <ky*****@hotmail.com> wrote in message news:OD**************@TK2MSFTNGP05.phx.gbl... your really are not being real clear on what your doing.
"punlic domain security login page "
what the heck does that mean ? I can come up with about 4 possible
things just off the top of my head.
"PW" <pw***@SPAMbigpond.net.au> wrote in message news:eL**************@TK2MSFTNGP02.phx.gbl... I've added a punlic domain security login page to one of my web applications. I did this because the number of users has increased to
a couple of dozen, and having them all added as users on my machine was becoming cumbersome. I find this method a lot easier to manage the users. Previously I used windows authentication.
Is this the method most people use ?
Whats the est method ?
Whats the upside and downside to the method I am using now ?
TIA, PW
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: PaulThomas |
last post by:
I am fighting with XP-Pro and VS.Net trying to allow some of the pages in my
application to be accessable by 'all' I am using <authentication
mode="Forms" /> and if I Login - everything works...
|
by: Angelos Karantzalis |
last post by:
Is there a way to set Permissions based on user roles by using some
configuration file for my application ?
I'm coming from a Java background, where that could very easily be
accomplished but...
|
by: MW |
last post by:
Hi,
I'm trying to secure my application.
I'm using forms authentication and I check passwords
against a database.
I have a login.aspx page in the root of my application,
pages that I want...
|
by: Friends |
last post by:
Hi
I need to set security for row level but not based on Database user's
login. It should be based on the user table login. For the particular
user I need to allow only the particular records to...
|
by: RAB |
last post by:
I have created a folder which I named 'Security' with the path
....Inetpub/wwwroot/Security
Within the 'Security' folder, I have placed three files. Web.config,
default.aspx and login.aspx
...
|
by: Sergio E. |
last post by:
Hello,
I have a problem with masterpages and forms security.
I made a new Web site, in which I have my page of login like of beginning, a
master page with only a sitemappath object in it, the...
|
by: Sergio E. |
last post by:
Hello,
I have a problem with masterpages and forms security.
I made a new Web site, in which I have my page login.aspx as the homepage ,
a master page with only a sitemappath object in it, the...
|
by: Matt MacDonald |
last post by:
Hi all,
I've been debating for a while (basically since asp.net 2.0 came out) on
using the built in mebership classes to handle user management in my web
apps. I seem to keep coming upon...
|
by: RedHair |
last post by:
I use the Form Authentication and Role base security to secure one ASP.NET
3.5 appication.
Below are security settings in web.config
<location path="testAdmin.aspx">
<system.web>...
|
by: VictorG |
last post by:
Hello,
I am trying to secure a webservice using WSE 3.0 and the turnkey
usernameForCertificateSecurity profile. I am passing a valid username
token, and on the server I have overridden the...
|
by: isladogs |
last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM).
In this month's session, we are pleased to welcome back...
|
by: isladogs |
last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM).
In this month's session, we are pleased to welcome back...
|
by: ArrayDB |
last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
|
by: PapaRatzi |
last post by:
Hello,
I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
|
by: CloudSolutions |
last post by:
Introduction:
For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
|
by: Defcon1945 |
last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
|
by: af34tf |
last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
|
by: Faith0G |
last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome former...
| |