473,698 Members | 2,522 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

ASP.NET /Classic ASP Security Mix

J
Hi all, is there a recommended approach to integrate ASP.NET security features in a classic ASP app? My general idea is to create a front end sign in process to authenticate the user and issue an authentication ticket that the ASP pages could somehow use to identify the user. Has someone already solved this?

Thanks
Nov 18 '05 #1
1 1455
I've done this before, basically I created a cookie where I stored the username and a md5 hash of the username & a shared key. Then when my asp pages get presented with this cookie, I recreate a test hash based on the username/key, and that better match up to the hash created in the cookie!

This kind of authentication can work both ways too, I'm in the slow process of converting an asp website into asp.net, the asp login page still exists. So when they login with that, I set up this secure cookie, then on the first request of the asp.net page, I authenticate the client with this cookie, and then set up a formsauthentica tionticket, and use that for all future requests. Works great!

--Michael
"J" <J@discussions. microsoft.com> wrote in message news:71******** *************** ***********@mic rosoft.com...
Hi all, is there a recommended approach to integrate ASP.NET security features in a classic ASP app? My general idea is to create a front end sign in process to authenticate the user and issue an authentication ticket that the ASP pages could somehow use to identify the user. Has someone already solved this?

Thanks

Nov 18 '05 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

99
6116
by: Jim Hubbard | last post by:
It seems that Microsoft not only does not need the classic Visual Basic developer army (the largest army of developers the world has ever seen), but now they don't need ANY Windows developer at a small or mid-sized business. http://groups-beta.google.com/group/microsoft.public.msdn.general/browse_thread/thread/9d7e8f9a00c1c7da/459ca99eb0e7c328?q=%22Proposed+MSDN+subscription+changes%22&rnum=1#459ca99eb0e7c328 Damn! To be that...
3
1912
by: Web Webon | last post by:
Hi everybody! I wonder if this is possible? I need to determine if a client is using "windows classic folders" or anything else. If I instantiate a Shell ActiveX object is there a way of obtaining this information from javascript? (I know that the user will get prompted about allowing such an operation, but I am willing to live with this). Because of the way one of my pages work, I need to know this information in order to "cover up"...
3
2145
by: bill | last post by:
I need to open a asp.net web form from a classic asp page, and pass a username and password to the asp.net page. The username and password exist as session variables in the classic asp application. I can't put the password in the classic asp page form as a hidden field and submit it, because someone can view source and see the password. This is a security problem I encounter in a mixed classic asp and asp.net environment. I don't...
5
2950
by: Velvet | last post by:
Can someone tell me to what process I need to attach to be able to step through my classic ASP code in VS.net 2003. I'm working on an XP box with IIS installed. I also have VS.net 2005 (The final, never installed beta) installed on this box if it makes a difference (I did not install VS Development Web Server as I'm already using the XP web server). I've seen that I need to attach to the native IIS engine, but I don't know what it's...
2
2850
by: MartyNg | last post by:
I am running a system that has both Classic ASP applications and a smattering of ASP.NET applications. We want to store passwords on a SQL Server table as their MD5 hashes. What is the safest way to get this hash value, and be able to verify it against user logins in both Classic ASP and ASP.NET? We have been working with the system.security.cryptopgraphy MD5 functions in .NET, and the functions here for Classic ASP...
4
1354
by: Matt | last post by:
I am in the process of creating a security control object in VB.NET. This object will be utilized from classic ASP (Asp 2.0) applications that reside on our Intranet (as well as ASP.NET pages as they are developed). What is the best way to access this object from my classic ASP pages? Based on this, what is the Visual Studio 2005 project type that I want to select? With VB 6, I would create .dll and register it on the web server. Is...
0
1339
by: Atlbike | last post by:
I would like to know if anyone has ever heard of a security solution for preventing cross-site scripting attacks in classic asp. ASP.NET 1.1 provided a built in validateRequest feature that throws a security exception whenever there is a < and character combination in the request/forms collection. Does anyone know of a server solution that you can install on IIS that will provide this same functionality? The only solution I have come up...
7
2156
by: tanya.wang | last post by:
I have a system written in classic asp and a lot of Javascript. Due to its performance and security issue, we decided to re-write this big module. I heard that C/C++ has a better support in performance and security (relatively) but here comes my questions: 1. Can ASP talk to C/C++? Because from my experience I use C/C++ mainly for application console. 2. If I want to exclude most of the Javascript and use other programming language...
11
3327
by: Jan T. | last post by:
I wonder if anybody know a web site that has a good tutorial on this subject. What I want to do, is make a log in Page, and make sure that all my pages is validating that the user is loged in until he or she logs out. May be someone would like to give an example in this news group too? Thank you for any help! BTW, I am using Access 2000 and classic ASP.
0
8608
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
0
9164
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
0
9029
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
1
8898
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
0
7734
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
0
5860
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
0
4370
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
1
3051
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
3
2006
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.