Forms Auth. vs IIS Auth.

Is using forms authentication any less secure than using
one of the more secure IIS authentication methods?

I am wanting to authenticate against credentials in a
database.
I see two ways of doing this. The first is through forms
authentication and trying to encrypt the credential data
being transmitted over the network. The other is using
IIS authentication and an ISAPI filter dll to handle the
authentication against the database.
Nov 15 '05 #1
Kevin,

I would say less secure, because Forms Authentication relies on browser
cookies for everything. You should understand that Forms
Authentication was designed for public web sites. If you were trying
to "secure" an on-line store for example you would implement this type
of security.

The alternative would be Windows Integrated Security which would be
going through NTLM or Kerberos, or you could use the Microsoft
Passport protocol (IIS 6.0 and above only I believe). I would only
use Integrated security for Intranet web sites (since the users have to
be logged into a recognized domain for their credentials to be picked
up).

FYI- This question is really suited for the aspnet newsgroups, you
probably would have received a much faster response there.

-Jeremy


"Kevin" <an*******@discussions.microsoft.com> wrote in message news:<08****************************@phx.gbl>...
Is using forms authentication any less secure than using
one of the more secure IIS authentication methods?

I am wanting to authenticate against credentials in a
database.
I see two ways of doing this. The first is through forms
authentication and trying to encrypt the credential data
being transmitted over the network. The other is using
IIS authentication and an ISAPI filter dll to handle the
authentication against the database.

Nov 15 '05 #2
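
The two concerns raised in this thread, credentials crossing the network from the login form and the ticket living in a browser cookie, both map to settings in web.config. The fragment below is an added example, not part of either post; the login page name, cookie name and timeout are assumed values, it uses ASP.NET 2.0 attributes, and it presumes the site has an HTTPS binding.

```xml
<configuration>
  <system.web>

    <!-- Weak variant, shown for contrast and left commented out:
         the ticket cookie is neither encrypted nor integrity-checked,
         and the browser will send it over plain HTTP.
    <authentication mode="Forms">
      <forms loginUrl="Login.aspx" protection="None" requireSSL="false" />
    </authentication>
    -->

    <!-- Hardened variant.
         protection="All"          encrypt and validate (MAC) the ticket
         requireSSL="true"         mark the ticket cookie Secure (HTTPS only)
         cookieless="UseCookies"   never fall back to a ticket in the URL
         slidingExpiration="false" ticket expires a fixed 20 minutes after issue
         Note: requireSSL protects the cookie only. The login page itself
         must also be served over HTTPS so the posted user name and
         password are encrypted in transit. -->
    <authentication mode="Forms">
      <forms name=".EXAMPLEAUTH"
             loginUrl="Login.aspx"
             protection="All"
             requireSSL="true"
             cookieless="UseCookies"
             timeout="20"
             slidingExpiration="false"
             path="/" />
    </authentication>

    <!-- Deny anonymous users so every request needs a valid ticket. -->
    <authorization>
      <deny users="?" />
    </authorization>

    <!-- Apply HttpOnly and Secure to the application's other cookies too. -->
    <httpCookies httpOnlyCookies="true" requireSSL="true" />

  </system.web>
</configuration>
```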
