Hi Trevor,
Welcome to ASPNET newsgroup.
From your description ,you're using Form based authentication in your asp.
net web app and have use cookieless based implementation?
As far as I know, the ASP.NET's buildin formsauthenticaiton dosn't support
cookieless,(only cookieless session state is supported). So is your
cookieless auhtentication based on your custom implementation? Also, as
you mentioned that you've turn anonymous access off in your sub directory,
do you means the IIS's anomymous access or the access in your custom
authentication schema? Anyway, I don't think cookieless setting on server
will have particular requirement on the clientside's privacy setting. Is
there any other particular things in your authentication mechanism?
Thanks,
Steven Cheng
Microsoft Online Support
Get Secure!
www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
--------------------
| From: "Trevor" <cl**********@nospam.nospam>
| Subject: Cookieless forms and Privacy
| Date: Mon, 18 Jul 2005 11:39:07 +0100
| Lines: 14
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| X-RFC2646: Format=Flowed; Original
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| Message-ID: <uQ**************@TK2MSFTNGP14.phx.gbl>
| Newsgroups: microsoft.public.dotnet.framework.aspnet
| NNTP-Posting-Host: clariongrade.demon.co.uk 80.177.205.197
| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFT NGP14.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl
microsoft.public.dotnet.framework.aspnet:112806
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
|
| Hi
|
| I have built a site with some secure pages, in a subdirectory with
anonymous
| access off, and cookeless forms security.
|
| I thought that this would be accessible to all without the need for Low
| Privacy setting. In fact the users still need low privacy.
|
| What am I doing wrong?
|
| Thanks
| Trevor
|
|
|
