Webform does have validation to ensure that the data is being posted
to itself by checking a hash value in the viewstate.
However, I don't think posting to another webform will make your web
application less secure.
ASP.NET does have a few additional feature the makes it easier to
implement a secure web application. However, ASP.NET alone will not
make your website very secure. You will still need to have a secure
infrastructure that is independent of ASP.NET, such as using firewall,
intrusion detection system, SSL, machine configurations...
I think you will be able to port all your existing code from ASP to
ASP.NET without posting any new security risk to your system.
One questions I have is that how third page knows when the processing
of creating an AD user is complete? Does it pool the web server
constantly?
Tommy,
"Bill Smith" <no@spam.com> wrote in message news:<uW*************@tk2msftngp13.phx.gbl>...
I have a ASP webpage that creates user accounts. It currently use the format
as follows.
First Page:
Input boxes that get Firstname and Lastname and Department etc.
JavaScript Validation
If correct posts information to Second Page
Second Page:
Makes a username, email address and displayname from given info then checks
active directory to see if it exists. If it does exist it try's again until
it finds a unused one.
Then posts to third page:
Third Page:
Popup Window
Displays the progress of creating the AD account and setting all the
information.
Once complete sends email and closes.
I want to convert this to ASP.NET. The problem is I want to keep it very
secure. Im reading I should posts each page to itself to get the most out of
ASP.NET.
Any ideas on the best way to go at this.
Thanks
Bill