473,729 Members | 2,359 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

ASP.NET /Classic ASP Security Mix

J
Hi all, is there a recommended approach to integrate ASP.NET security features in a classic ASP app? My general idea is to create a front end sign in process to authenticate the user and issue an authentication ticket that the ASP pages could somehow use to identify the user. Has someone already solved this?

Thanks
Nov 18 '05 #1
1 1457
I've done this before, basically I created a cookie where I stored the username and a md5 hash of the username & a shared key. Then when my asp pages get presented with this cookie, I recreate a test hash based on the username/key, and that better match up to the hash created in the cookie!

This kind of authentication can work both ways too, I'm in the slow process of converting an asp website into asp.net, the asp login page still exists. So when they login with that, I set up this secure cookie, then on the first request of the asp.net page, I authenticate the client with this cookie, and then set up a formsauthentica tionticket, and use that for all future requests. Works great!

--Michael
"J" <J@discussions. microsoft.com> wrote in message news:71******** *************** ***********@mic rosoft.com...
Hi all, is there a recommended approach to integrate ASP.NET security features in a classic ASP app? My general idea is to create a front end sign in process to authenticate the user and issue an authentication ticket that the ASP pages could somehow use to identify the user. Has someone already solved this?

Thanks

Nov 18 '05 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

99
6216
by: Jim Hubbard | last post by:
It seems that Microsoft not only does not need the classic Visual Basic developer army (the largest army of developers the world has ever seen), but now they don't need ANY Windows developer at a small or mid-sized business. http://groups-beta.google.com/group/microsoft.public.msdn.general/browse_thread/thread/9d7e8f9a00c1c7da/459ca99eb0e7c328?q=%22Proposed+MSDN+subscription+changes%22&rnum=1#459ca99eb0e7c328 Damn! To be that...
3
1915
by: Web Webon | last post by:
Hi everybody! I wonder if this is possible? I need to determine if a client is using "windows classic folders" or anything else. If I instantiate a Shell ActiveX object is there a way of obtaining this information from javascript? (I know that the user will get prompted about allowing such an operation, but I am willing to live with this). Because of the way one of my pages work, I need to know this information in order to "cover up"...
3
2149
by: bill | last post by:
I need to open a asp.net web form from a classic asp page, and pass a username and password to the asp.net page. The username and password exist as session variables in the classic asp application. I can't put the password in the classic asp page form as a hidden field and submit it, because someone can view source and see the password. This is a security problem I encounter in a mixed classic asp and asp.net environment. I don't...
5
2957
by: Velvet | last post by:
Can someone tell me to what process I need to attach to be able to step through my classic ASP code in VS.net 2003. I'm working on an XP box with IIS installed. I also have VS.net 2005 (The final, never installed beta) installed on this box if it makes a difference (I did not install VS Development Web Server as I'm already using the XP web server). I've seen that I need to attach to the native IIS engine, but I don't know what it's...
2
2854
by: MartyNg | last post by:
I am running a system that has both Classic ASP applications and a smattering of ASP.NET applications. We want to store passwords on a SQL Server table as their MD5 hashes. What is the safest way to get this hash value, and be able to verify it against user logins in both Classic ASP and ASP.NET? We have been working with the system.security.cryptopgraphy MD5 functions in .NET, and the functions here for Classic ASP...
4
1355
by: Matt | last post by:
I am in the process of creating a security control object in VB.NET. This object will be utilized from classic ASP (Asp 2.0) applications that reside on our Intranet (as well as ASP.NET pages as they are developed). What is the best way to access this object from my classic ASP pages? Based on this, what is the Visual Studio 2005 project type that I want to select? With VB 6, I would create .dll and register it on the web server. Is...
0
1342
by: Atlbike | last post by:
I would like to know if anyone has ever heard of a security solution for preventing cross-site scripting attacks in classic asp. ASP.NET 1.1 provided a built in validateRequest feature that throws a security exception whenever there is a < and character combination in the request/forms collection. Does anyone know of a server solution that you can install on IIS that will provide this same functionality? The only solution I have come up...
7
2157
by: tanya.wang | last post by:
I have a system written in classic asp and a lot of Javascript. Due to its performance and security issue, we decided to re-write this big module. I heard that C/C++ has a better support in performance and security (relatively) but here comes my questions: 1. Can ASP talk to C/C++? Because from my experience I use C/C++ mainly for application console. 2. If I want to exclude most of the Javascript and use other programming language...
11
3332
by: Jan T. | last post by:
I wonder if anybody know a web site that has a good tutorial on this subject. What I want to do, is make a log in Page, and make sure that all my pages is validating that the user is loged in until he or she logs out. May be someone would like to give an example in this news group too? Thank you for any help! BTW, I am using Access 2000 and classic ASP.
0
8921
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
0
8763
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
0
9427
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
1
9202
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
0
8151
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
0
4796
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
1
3238
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
2
2683
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
3
2165
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.