I need to be able to move from one web app on my server to another on the
same server and preserve the session state. I have played with
server.transfer but I get an error saying I can't do this. How can I
accomplish this. I don't think redirects with session state being passed in
the url makes any sense from a security standpoint.
--
Barry
23  6756 
How about a secure form post then to a page in the
other web app, carring session info and re-establishing
it?
"barryfz" <ba***@noemail.noemail> wrote in message
news:es**************@TK2MSFTNGP14.phx.gbl... I need to be able to move from one web app on my server to another on the
same server and preserve the session state. I have played with
server.transfer but I get an error saying I can't do this. How can I
accomplish this. I don't think redirects with session state being passed
in the url makes any sense from a security standpoint.
--
Barry
Server.Transfer does not affect the Session state as far as I know. Is
session what you meant ?. You can set a session var in one form, transfer to
form 2 and the variable will still be there in session.
--
Terry Burns http://TrainingOn.net
"Raymond" <un*******@nothee.net> wrote in message
news:wu0Nf.31433$pE4.25921@trnddc04... How about a secure form post then to a page in the
other web app, carring session info and re-establishing
it?
"barryfz" <ba***@noemail.noemail> wrote in message
news:es**************@TK2MSFTNGP14.phx.gbl... I need to be able to move from one web app on my server to another on
the
same server and preserve the session state. I have played with
server.transfer but I get an error saying I can't do this. How can I
accomplish this. I don't think redirects with session state being passed
in the url makes any sense from a security standpoint.
--
Barry
Terrry
I need to transfer to a page in a different site. I am getting an error
saying I can't do that in server.transfer. Maybe I am doing something wrong.
Barry
"Terry Burns" <me@mine.com> wrote in message
news:u6**************@TK2MSFTNGP12.phx.gbl... Server.Transfer does not affect the Session state as far as I know. Is
session what you meant ?. You can set a session var in one form, transfer
to form 2 and the variable will still be there in session.
--
Terry Burns
http://TrainingOn.net
"Raymond" <un*******@nothee.net> wrote in message
news:wu0Nf.31433$pE4.25921@trnddc04... How about a secure form post then to a page in the
other web app, carring session info and re-establishing
it?
"barryfz" <ba***@noemail.noemail> wrote in message
news:es**************@TK2MSFTNGP14.phx.gbl... I need to be able to move from one web app on my server to another on
the
same server and preserve the session state. I have played with
server.transfer but I get an error saying I can't do this. How can I
accomplish this. I don't think redirects with session state being passed
in the url makes any sense from a security standpoint.
--
Barry
What you are trying to do is unnatural. The main reason separate
applications exist is so they can maintain separate application state.
That said, there are ways to do it but they are not simple if you're dealing
with very much data. Its a very manual process to pass data between
applications. You can pass data via querystring or a common backend
database, etc.
--
I hope this helps,
Steve C. Orr
MCSD, MVP http://SteveOrr.net
"barryfz" wrote: I need to be able to move from one web app on my server to another on the
same server and preserve the session state. I have played with
server.transfer but I get an error saying I can't do this. How can I
accomplish this. I don't think redirects with session state being passed in
the url makes any sense from a security standpoint.
--
Barry
Probably not if the domain is different. There may be
other ways to do it, but the simplest way is to redirect
via a form post and re-establish session using form post
data.
"Terry Burns" <me@mine.com> wrote in message
news:u6**************@TK2MSFTNGP12.phx.gbl... Server.Transfer does not affect the Session state as far as I know. Is
session what you meant ?. You can set a session var in one form, transfer
to form 2 and the variable will still be there in session.
Barry,
As Steve and others may have pointed out, Server.Transfer only is designed
to work within the current IIS application.
What you would need to do if you do not want to pass session information on
the querystring or as hidden formfields is to set up a custom database or
other persistent storage mechanism to store and then retrieve by
"customSessionId" the information you need once the redirect lands on the new
site.
Peter
--
Co-founder, Eggheadcafe.com developer portal: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
"barryfz" wrote: I need to be able to move from one web app on my server to another on the
same server and preserve the session state. I have played with
server.transfer but I get an error saying I can't do this. How can I
accomplish this. I don't think redirects with session state being passed in
the url makes any sense from a security standpoint.
--
Barry
Raymond,
I am not sure what you mean by domain? While these are different apps they
are on the same server, just different sites.
If I pass this a part of post don't I then allow someone to hijack the data
being posted and use it to gain access?
Barry
"Raymond" <un*******@nothee.net> wrote in message
news:wO0Nf.31438$pE4.6074@trnddc04... Probably not if the domain is different. There may be
other ways to do it, but the simplest way is to redirect
via a form post and re-establish session using form post
data.
"Terry Burns" <me@mine.com> wrote in message
news:u6**************@TK2MSFTNGP12.phx.gbl... Server.Transfer does not affect the Session state as far as I know. Is
session what you meant ?. You can set a session var in one form, transfer
to form 2 and the variable will still be there in session.
Steve,
I really just need to pass the authentication.
Barry
"Steve C. Orr" <St***@Orr.net> wrote in message
news:1E**********************************@microsof t.com... What you are trying to do is unnatural. The main reason separate
applications exist is so they can maintain separate application state.
That said, there are ways to do it but they are not simple if you're
dealing
with very much data. Its a very manual process to pass data between
applications. You can pass data via querystring or a common backend
database, etc.
--
I hope this helps,
Steve C. Orr
MCSD, MVP
http://SteveOrr.net
"barryfz" wrote:
I need to be able to move from one web app on my server to another on
the
same server and preserve the session state. I have played with
server.transfer but I get an error saying I can't do this. How can I
accomplish this. I don't think redirects with session state being passed
in
the url makes any sense from a security standpoint.
--
Barry
Sorry, I misread you. This is correct, you cannot use server transfer to a
different site. Applications are isolated from each other and so a session
in one does not relate to a session in another. One way is to preserve the
session valriables in an SQL database but you need to serialie them for
storage and de-serialize them on retreival.
--
Terry Burns http://TrainingOn.net
"barryfz" <ba***@noemail.noemail> wrote in message
news:OC**************@TK2MSFTNGP10.phx.gbl... Terrry
I need to transfer to a page in a different site. I am getting an error
saying I can't do that in server.transfer. Maybe I am doing something
wrong.
Barry
"Terry Burns" <me@mine.com> wrote in message
news:u6**************@TK2MSFTNGP12.phx.gbl... Server.Transfer does not affect the Session state as far as I know. Is
session what you meant ?. You can set a session var in one form, transfer
to form 2 and the variable will still be there in session.
--
Terry Burns
http://TrainingOn.net
"Raymond" <un*******@nothee.net> wrote in message
news:wu0Nf.31433$pE4.25921@trnddc04... How about a secure form post then to a page in the
other web app, carring session info and re-establishing
it?
"barryfz" <ba***@noemail.noemail> wrote in message
news:es**************@TK2MSFTNGP14.phx.gbl...
I need to be able to move from one web app on my server to another on
the
same server and preserve the session state. I have played with
server.transfer but I get an error saying I can't do this. How can I
accomplish this. I don't think redirects with session state being
passed
in
the url makes any sense from a security standpoint.
--
Barry
If Authentication is all you need to worry about, then consider using
Windows Integrated Security, this way you wont need a username and password.
This is no use of course if the site is an internet site.
--
Terry Burns http://TrainingOn.net
"barryfz" <ba***@noemail.noemail> wrote in message
news:ut**************@TK2MSFTNGP15.phx.gbl... Steve,
I really just need to pass the authentication.
Barry
"Steve C. Orr" <St***@Orr.net> wrote in message
news:1E**********************************@microsof t.com... What you are trying to do is unnatural. The main reason separate
applications exist is so they can maintain separate application state.
That said, there are ways to do it but they are not simple if you're
dealing
with very much data. Its a very manual process to pass data between
applications. You can pass data via querystring or a common backend
database, etc.
--
I hope this helps,
Steve C. Orr
MCSD, MVP
http://SteveOrr.net
"barryfz" wrote:
I need to be able to move from one web app on my server to another on
the
same server and preserve the session state. I have played with
server.transfer but I get an error saying I can't do this. How can I
accomplish this. I don't think redirects with session state being passed
in
the url makes any sense from a security standpoint.
--
Barry
You could always pass an encrypted string across.
-Adrian
"barryfz" <ba***@noemail.noemail> wrote in message
news:ut**************@TK2MSFTNGP15.phx.gbl... Steve,
I really just need to pass the authentication.
Barry
"Steve C. Orr" <St***@Orr.net> wrote in message
news:1E**********************************@microsof t.com... What you are trying to do is unnatural. The main reason separate
applications exist is so they can maintain separate application state.
That said, there are ways to do it but they are not simple if you're
dealing
with very much data. Its a very manual process to pass data between
applications. You can pass data via querystring or a common backend
database, etc.
--
I hope this helps,
Steve C. Orr
MCSD, MVP
http://SteveOrr.net
"barryfz" wrote:
I need to be able to move from one web app on my server to another on
the
same server and preserve the session state. I have played with
server.transfer but I get an error saying I can't do this. How can I
accomplish this. I don't think redirects with session state being passed
in
the url makes any sense from a security standpoint.
--
Barry
Default Sessions objects use cookies, which
are associated by URL domains, not server, on the client.
And each site on a server works in a different appdomain, so
the session objects aren't normally visible across those
appdomains even if you somehow figured out the client side
association.
If you pass session state info via a secure form post
then it's very secure. You're going to have to pass some
sort of associating data anyway, either by URL or form post.
There is no escaping that.
"barryfz" <ba***@noemail.noemail> wrote in message
news:%2****************@TK2MSFTNGP10.phx.gbl... Raymond,
I am not sure what you mean by domain? While these are different apps they
are on the same server, just different sites.
If I pass this a part of post don't I then allow someone to hijack the
data being posted and use it to gain access?
Barry
"Raymond" <un*******@nothee.net> wrote in message
news:wO0Nf.31438$pE4.6074@trnddc04... Probably not if the domain is different. There may be
other ways to do it, but the simplest way is to redirect
via a form post and re-establish session using form post
data.
"Terry Burns" <me@mine.com> wrote in message
news:u6**************@TK2MSFTNGP12.phx.gbl... Server.Transfer does not affect the Session state as far as I know. Is
session what you meant ?. You can set a session var in one form,
transfer to form 2 and the variable will still be there in session.
Raymond,
Thanks for the feedbackon this. Can you clarify what you mean by a ":secure
post"?
Barry
"Raymond" <un*******@nothee.net> wrote in message
news:eS1Nf.16048$fU6.5565@trnddc08... Default Sessions objects use cookies, which
are associated by URL domains, not server, on the client.
And each site on a server works in a different appdomain, so
the session objects aren't normally visible across those
appdomains even if you somehow figured out the client side
association.
If you pass session state info via a secure form post
then it's very secure. You're going to have to pass some
sort of associating data anyway, either by URL or form post.
There is no escaping that.
"barryfz" <ba***@noemail.noemail> wrote in message
news:%2****************@TK2MSFTNGP10.phx.gbl... Raymond,
I am not sure what you mean by domain? While these are different apps
they
are on the same server, just different sites.
If I pass this a part of post don't I then allow someone to hijack the
data being posted and use it to gain access?
Barry
"Raymond" <un*******@nothee.net> wrote in message
news:wO0Nf.31438$pE4.6074@trnddc04... > Probably not if the domain is different. There may be
> other ways to do it, but the simplest way is to redirect
> via a form post and re-establish session using form post
> data.
>
>
> "Terry Burns" <me@mine.com> wrote in message
> news:u6**************@TK2MSFTNGP12.phx.gbl...
>> Server.Transfer does not affect the Session state as far as I know. Is
>> session what you meant ?. You can set a session var in one form, transfer > to
>> form 2 and the variable will still be there in session.
>>
>
>
Form post via https. Passing all the session data that way
is the easiest. If SSL is not available, then consider passing
encrypted values using http form post and then decrypting on the
other end before re-creating the same session.
"barryfz" <ba***@noemail.noemail> wrote in message
news:%2******************@TK2MSFTNGP10.phx.gbl... Raymond,
Thanks for the feedbackon this. Can you clarify what you mean by a
":secure post"?
Barry
"Raymond" <un*******@nothee.net> wrote in message
news:eS1Nf.16048$fU6.5565@trnddc08... Default Sessions objects use cookies, which
are associated by URL domains, not server, on the client.
And each site on a server works in a different appdomain, so
the session objects aren't normally visible across those
appdomains even if you somehow figured out the client side
association.
If you pass session state info via a secure form post
then it's very secure. You're going to have to pass some
sort of associating data anyway, either by URL or form post.
There is no escaping that.
"barryfz" <ba***@noemail.noemail> wrote in message
news:%2****************@TK2MSFTNGP10.phx.gbl... Raymond,
I am not sure what you mean by domain? While these are different apps
they
are on the same server, just different sites.
If I pass this a part of post don't I then allow someone to hijack the
data being posted and use it to gain access?
Barry
"Raymond" <un*******@nothee.net> wrote in message
news:wO0Nf.31438$pE4.6074@trnddc04...
> Probably not if the domain is different. There may be
> other ways to do it, but the simplest way is to redirect
> via a form post and re-establish session using form post
> data.
>
>
> "Terry Burns" <me@mine.com> wrote in message
> news:u6**************@TK2MSFTNGP12.phx.gbl...
>> Server.Transfer does not affect the Session state as far as I know.
Is >> session what you meant ?. You can set a session var in one form,
transfer > to
>> form 2 and the variable will still be there in session.
>>
>
>
That sounds feasible. What is "customSessionID"?
"Peter Bromberg [C# MVP]" <pb*******@yahoo.nospammin.com> wrote in message
news:BD**********************************@microsof t.com... Barry,
As Steve and others may have pointed out, Server.Transfer only is designed
to work within the current IIS application.
What you would need to do if you do not want to pass session information
on
the querystring or as hidden formfields is to set up a custom database or
other persistent storage mechanism to store and then retrieve by
"customSessionId" the information you need once the redirect lands on the
new
site.
Peter
--
Co-founder, Eggheadcafe.com developer portal:
http://www.eggheadcafe.com
UnBlog:
http://petesbloggerama.blogspot.com
"barryfz" wrote:
I need to be able to move from one web app on my server to another on
the
same server and preserve the session state. I have played with
server.transfer but I get an error saying I can't do this. How can I
accomplish this. I don't think redirects with session state being passed
in
the url makes any sense from a security standpoint.
--
Barry
Hi Barry,
As for Server.Transfer, it can only work within a single ASP.NET
application but not across mutiple application or server bounary. Also,
session State is also not able to share between multiple applications. In
ASP.NET 2.0, there does provides interfaces for us to create customized
session storage provider(customzied session state httpmodule), however
that'll require quite complex work:
#Implementing a Session-State Store Provider http://msdn2.microsoft.com/en-us/lib.../ms178587.aspx
BTW, if your applications are using ASP.NET forms Authentication and want
to share the forms authentication's autentication ticket(cookie based)
across multiple applications, you can have a look at the following
reference:
#How To Share Authentication Cookies across ASP.NET V1.1 and ASP.NET V2.0
Applications http://weblogs.asp.net/scottgu/archi...10/432851.aspx
Regards,
Steven Cheng
Microsoft Online Support
Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
Thanks Raymond,
I can do that, but couldn't someone grab the post and resend it from their
own brower and thus hijack the session?
Barry
"Raymond" <un*******@nothee.net> wrote in message
news:vJ3Nf.31459$pE4.23999@trnddc04... Form post via https. Passing all the session data that way
is the easiest. If SSL is not available, then consider passing
encrypted values using http form post and then decrypting on the
other end before re-creating the same session.
"barryfz" <ba***@noemail.noemail> wrote in message
news:%2******************@TK2MSFTNGP10.phx.gbl... Raymond,
Thanks for the feedbackon this. Can you clarify what you mean by a
":secure post"?
Barry
"Raymond" <un*******@nothee.net> wrote in message
news:eS1Nf.16048$fU6.5565@trnddc08... > Default Sessions objects use cookies, which
> are associated by URL domains, not server, on the client.
> And each site on a server works in a different appdomain, so
> the session objects aren't normally visible across those
> appdomains even if you somehow figured out the client side
> association.
>
> If you pass session state info via a secure form post
> then it's very secure. You're going to have to pass some
> sort of associating data anyway, either by URL or form post.
> There is no escaping that.
>
> "barryfz" <ba***@noemail.noemail> wrote in message
> news:%2****************@TK2MSFTNGP10.phx.gbl...
>> Raymond,
>>
>> I am not sure what you mean by domain? While these are different apps
>> they
>> are on the same server, just different sites.
>>
>> If I pass this a part of post don't I then allow someone to hijack the
> data
>> being posted and use it to gain access?
>>
>> Barry
>>
>>
>> "Raymond" <un*******@nothee.net> wrote in message
>> news:wO0Nf.31438$pE4.6074@trnddc04...
>> > Probably not if the domain is different. There may be
>> > other ways to do it, but the simplest way is to redirect
>> > via a form post and re-establish session using form post
>> > data.
>> >
>> >
>> > "Terry Burns" <me@mine.com> wrote in message
>> > news:u6**************@TK2MSFTNGP12.phx.gbl...
>> >> Server.Transfer does not affect the Session state as far as I know. Is >> >> session what you meant ?. You can set a session var in one form,
> transfer
>> > to
>> >> form 2 and the variable will still be there in session.
>> >>
>> >
>> >
>>
>>
>
>
Thanks Steven,
I think this is what I am looking for.
Barry
"Steven Cheng[MSFT]" <st*****@online.microsoft.com> wrote in message
news:Yu**************@TK2MSFTNGXA03.phx.gbl... Hi Barry,
As for Server.Transfer, it can only work within a single ASP.NET
application but not across mutiple application or server bounary. Also,
session State is also not able to share between multiple applications. In
ASP.NET 2.0, there does provides interfaces for us to create customized
session storage provider(customzied session state httpmodule), however
that'll require quite complex work:
#Implementing a Session-State Store Provider
http://msdn2.microsoft.com/en-us/lib.../ms178587.aspx
BTW, if your applications are using ASP.NET forms Authentication and want
to share the forms authentication's autentication ticket(cookie based)
across multiple applications, you can have a look at the following
reference:
#How To Share Authentication Cookies across ASP.NET V1.1 and ASP.NET V2.0
Applications
http://weblogs.asp.net/scottgu/archi...10/432851.aspx
Regards,
Steven Cheng
Microsoft Online Support
Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
Well, what's to prevent them from doing that now
with the sessions you have going now from the same
site? The transfer as I outlined doesn't add any new
vulnerability. If a hijaking vulnarability already exists
for the sessions on the same site, it'll also exist for the
cross-site transfer.
"barryfz" <ba***@noemail.noemail> wrote in message
news:Oa*************@TK2MSFTNGP14.phx.gbl... Thanks Raymond,
I can do that, but couldn't someone grab the post and resend it from their
own brower and thus hijack the session?
Barry
"Raymond" <un*******@nothee.net> wrote in message
news:vJ3Nf.31459$pE4.23999@trnddc04... Form post via https. Passing all the session data that way
is the easiest. If SSL is not available, then consider passing
encrypted values using http form post and then decrypting on the
other end before re-creating the same session.
"barryfz" <ba***@noemail.noemail> wrote in message
news:%2******************@TK2MSFTNGP10.phx.gbl... Raymond,
Thanks for the feedbackon this. Can you clarify what you mean by a
":secure post"?
Barry
"Raymond" <un*******@nothee.net> wrote in message
news:eS1Nf.16048$fU6.5565@trnddc08...
> Default Sessions objects use cookies, which
> are associated by URL domains, not server, on the client.
> And each site on a server works in a different appdomain, so
> the session objects aren't normally visible across those
> appdomains even if you somehow figured out the client side
> association.
>
> If you pass session state info via a secure form post
> then it's very secure. You're going to have to pass some
> sort of associating data anyway, either by URL or form post.
> There is no escaping that.
>
> "barryfz" <ba***@noemail.noemail> wrote in message
> news:%2****************@TK2MSFTNGP10.phx.gbl...
>> Raymond,
>>
>> I am not sure what you mean by domain? While these are different
apps >> they
>> are on the same server, just different sites.
>>
>> If I pass this a part of post don't I then allow someone to hijack
the > data
>> being posted and use it to gain access?
>>
>> Barry
>>
>>
>> "Raymond" <un*******@nothee.net> wrote in message
>> news:wO0Nf.31438$pE4.6074@trnddc04...
>> > Probably not if the domain is different. There may be
>> > other ways to do it, but the simplest way is to redirect
>> > via a form post and re-establish session using form post
>> > data.
>> >
>> >
>> > "Terry Burns" <me@mine.com> wrote in message
>> > news:u6**************@TK2MSFTNGP12.phx.gbl...
>> >> Server.Transfer does not affect the Session state as far as I
know. Is >> >> session what you meant ?. You can set a session var in one form,
> transfer
>> > to
>> >> form 2 and the variable will still be there in session.
>> >>
>> >
>> >
>>
>>
>
>
Barry, I would suggest that you re-think the problem if possible, this is
not really a good way to go about it. I realize sometimes this is not
possible for various reasons, but if there is any way around it, you should
think hard about it.
--
Terry Burns http://TrainingOn.net
"barryfz" <ba***@noemail.noemail> wrote in message
news:%2***************@TK2MSFTNGP15.phx.gbl... Thanks Steven,
I think this is what I am looking for.
Barry
"Steven Cheng[MSFT]" <st*****@online.microsoft.com> wrote in message
news:Yu**************@TK2MSFTNGXA03.phx.gbl... Hi Barry,
As for Server.Transfer, it can only work within a single ASP.NET
application but not across mutiple application or server bounary. Also,
session State is also not able to share between multiple applications. In
ASP.NET 2.0, there does provides interfaces for us to create customized
session storage provider(customzied session state httpmodule), however
that'll require quite complex work:
#Implementing a Session-State Store Provider
http://msdn2.microsoft.com/en-us/lib.../ms178587.aspx
BTW, if your applications are using ASP.NET forms Authentication and want
to share the forms authentication's autentication ticket(cookie based)
across multiple applications, you can have a look at the following
reference:
#How To Share Authentication Cookies across ASP.NET V1.1 and ASP.NET V2.0
Applications
http://weblogs.asp.net/scottgu/archi...10/432851.aspx
Regards,
Steven Cheng
Microsoft Online Support
Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
Thanks for Terry's input,
Hi Barry,
I think Terry's suggestion is reasonable, we should think it over to
determine whether using such cross-authentication is necessary. If we can
use other approach or design to avoid it, that'll be preferred.
Regards,
Steven Cheng
Microsoft Online Support
Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
Here is my problem. I have a DNN portal site and an eCommerce site that is
not a DNN module. I really do not have the resources available to recode
the eCommerce site to make it DNN comliant. Up until now we have not had DNN
content that requried any security so we deferred security to the eCommerce
site entirely. Now I am being asked to add content to the DNN site that
will require security but we don't want to make our customers log on twice,
once for DNN adn once for eCommerce. I need to come up with a way to handle
a single sign on for both sites. I have requeste info from MS about using
Passport but I need to assess all alternatives.
Any suggestions are mor than welcome.
Barry
"Steven Cheng[MSFT]" <st*****@online.microsoft.com> wrote in message
news:II**************@TK2MSFTNGXA03.phx.gbl... Thanks for Terry's input,
Hi Barry,
I think Terry's suggestion is reasonable, we should think it over to
determine whether using such cross-authentication is necessary. If we can
use other approach or design to avoid it, that'll be preferred.
Regards,
Steven Cheng
Microsoft Online Support
Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
Actually, passport would have been my suggestion if you could not work
around. I think its your best option by the sounds of things,
Good luck
--
Terry Burns http://TrainingOn.net
"barryfz" <ba***@noemail.noemail> wrote in message
news:u0**************@TK2MSFTNGP10.phx.gbl... Here is my problem. I have a DNN portal site and an eCommerce site that
is not a DNN module. I really do not have the resources available to
recode the eCommerce site to make it DNN comliant. Up until now we have
not had DNN content that requried any security so we deferred security to
the eCommerce site entirely. Now I am being asked to add content to the
DNN site that will require security but we don't want to make our
customers log on twice, once for DNN adn once for eCommerce. I need to
come up with a way to handle a single sign on for both sites. I have
requeste info from MS about using Passport but I need to assess all
alternatives.
Any suggestions are mor than welcome.
Barry
"Steven Cheng[MSFT]" <st*****@online.microsoft.com> wrote in message
news:II**************@TK2MSFTNGXA03.phx.gbl... Thanks for Terry's input,
Hi Barry,
I think Terry's suggestion is reasonable, we should think it over to
determine whether using such cross-authentication is necessary. If we can
use other approach or design to avoid it, that'll be preferred.
Regards,
Steven Cheng
Microsoft Online Support
Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Hernán Castelo |
last post by:
hi
i'm setting up my web new server
i see that cookies do not persist
after a Server.Transfer or Response.Redirect
although i do expire them the next year
thanks
|
by: StephenMcC |
last post by:
Hi All,
Got a quick query in relation to the Server.Transfer method available in IIS
5+/ASP. I've got an issue where I want to take a portion of an online app and
extract this out into a web...
|
by: Tom |
last post by:
Hi
I am trying to transfer to a different .ASPX page using Server.Transfer.
However, I get the following error:
"Error executing child request for .aspx."
Anyone know why?
Thanks for...
|
by: Justin |
last post by:
Hi,
Im confused here over the usage of Response.Redirect and
Server.Transfer. I used frameset for my work, what are the
proper usages of the two methods that seems working
similar..
The...
|
by: Mr Wizard |
last post by:
I am going through the front controller http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpatterns/html/ImpFrontControllerInASP.asp and all works well except when the server.transfer...
|
by: Pete |
last post by:
Hi all...
I sincerly hope one of the MS guys can clear this up for me...
First some background...
Ok, I have a web site which is fully translatable into several
languages. All the strings...
|
by: David Berman |
last post by:
It seems that my site is losing session information when using
Server.Transfer. I have a page called PictureGallery.aspx. It takes an
argument which is an index id, so it would look like...
|
by: UJ |
last post by:
Folks,
We provide custom content for our customers. Currently we put the files on
our server and people have a program we provide that will download the
files. These files are usually SWF, HTML or...
|
by: RN1 |
last post by:
When a server encounters the line
Response.Redirect("abcd.asp")
in a ASP script, the server tells the browser that it has to be
redirected to another page (which is abcd.asp, in this case)....
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome former...
|
by: ryjfgjl |
last post by:
In our work, we often need to import Excel data into databases (such as MySQL, SQL Server, Oracle) for data analysis and processing. Usually, we use database tools like Navicat or the Excel import...
|
by: taylorcarr |
last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: aa123db |
last post by:
Variable and constants
Use var or let for variables and const fror constants.
Var foo ='bar';
Let foo ='bar';const baz ='bar';
Functions
function $name$ ($parameters$) {
}
...
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
| |
