SSL on single page within ASP.NET application?

Ben Fidge

Is is possible to make just a single page within an ASP.NET application use
SSL?

I've written an e-commerce application and want to make just the checkout
page use SSL for secure transmission.

If it's not possible to do this, and I have to put the checkout page in it's
own application, what's the best way to pass data between the two
applications? If at all possible, I'd like to avoid using querystrings.

Thanks

Ben

Nov 18 '05 #1

Hans Kesting

Ben Fidge wrote:

Is is possible to make just a single page within an ASP.NET
application use SSL?

I've written an e-commerce application and want to make just the
checkout page use SSL for secure transmission.

If it's not possible to do this, and I have to put the checkout page
in it's own application, what's the best way to pass data between the
two applications? If at all possible, I'd like to avoid using
querystrings.
Thanks

Ben

Session is out: the SSL part is a different application from the non-SSL part.
(even if it's possible to have both in a single application, the *browser* treats
the SSL site as different, and will not send the session-cookie).

A shared Database is a good option, pass a GUID (difficult to guess correctly)
in the querystring to point to the correct data.

Hans Kesting

Nov 18 '05 #2

Steven

There is a great module on the code project (www.codeproject.com) called
"Secure Webpage Module". I recommend you check it out.
"Hans Kesting" <ne***********@spamgourmet.com> wrote in message
news:%2****************@TK2MSFTNGP15.phx.gbl...

Ben Fidge wrote:

Is is possible to make just a single page within an ASP.NET
application use SSL?

I've written an e-commerce application and want to make just the
checkout page use SSL for secure transmission.

If it's not possible to do this, and I have to put the checkout page
in it's own application, what's the best way to pass data between the
two applications? If at all possible, I'd like to avoid using
querystrings.
Thanks

Ben

Session is out: the SSL part is a different application from the non-SSL
part.
(even if it's possible to have both in a single application, the *browser*
treats
the SSL site as different, and will not send the session-cookie).

A shared Database is a good option, pass a GUID (difficult to guess
correctly)
in the querystring to point to the correct data.

Hans Kesting

Nov 18 '05 #3

Ben Fidge

Hi Steve,

Couldn't find that article on CodeProject.

Thanks

Ben

"Steven" <ms******@berkovitz.org> wrote in message
news:uC**************@TK2MSFTNGP10.phx.gbl...

There is a great module on the code project (www.codeproject.com) called
"Secure Webpage Module". I recommend you check it out.
"Hans Kesting" <ne***********@spamgourmet.com> wrote in message
news:%2****************@TK2MSFTNGP15.phx.gbl...

Ben Fidge wrote:

Is is possible to make just a single page within an ASP.NET
application use SSL?

I've written an e-commerce application and want to make just the
checkout page use SSL for secure transmission.

If it's not possible to do this, and I have to put the checkout page
in it's own application, what's the best way to pass data between the
two applications? If at all possible, I'd like to avoid using
querystrings.
Thanks

Ben

Session is out: the SSL part is a different application from the non-SSL
part.
(even if it's possible to have both in a single application, the
*browser* treats
the SSL site as different, and will not send the session-cookie).

A shared Database is a good option, pass a GUID (difficult to guess
correctly)
in the querystring to point to the correct data.

Hans Kesting

Nov 18 '05 #4