Hi all,
After countless times of googling around, posting for definitive answers in forums and trying up all the samples for sharing session between ASP and ASP.NET, I have finally came up with my own answer. By using cookies. But I'm still in doubt about this.
FYI, I'm doing an application in ASP.NET and to integrate it with legasy ASP pages in a single portal. For users's convinience, they are able to login from ASP page and from there, they will also able to access the ASP.NET application, which also requires authentication. In short, to access to the ASP.NET pages from the ASP login page, I used cookies because it is an internal call.
I would like to get some advises from the experts about this. I would like to know if there is a serious security issues, scalability, overhead etc in my approach. This is quite urgent. Thank you in advance.
Regards,
Crystalite.
2 967
Hi all,
...
FYI, I'm doing an application in ASP.NET and to integrate it with legasy ASP pages in a single portal. For users's convinience, they are able to login from ASP page and from there, they will also able to access the ASP.NET application, which also requires authentication. In short, to access to the ASP.NET pages from the ASP login page, I used cookies because it is an internal call.
I would like to get some advises from the experts about this. I would like to know if there is a serious security issues, scalability, overhead etc in my approach. This is quite urgent. Thank you in advance.
Regards,
Crystalite.
I'm not very experienced with the type of thing that you're doing, and I'm only just starting to learn about web security myself...but I can't help but point out that cookies are stored as text files.
If you aren't storing an encrypted version of the user name and password in the cookie you could have a security problem.
-Frinny
I'm not very experienced with the type of thing that you're doing, and I'm only just starting to learn about web security myself...but I can't help but point out that cookies are stored as text files.
If you aren't storing an encrypted version of the user name and password in the cookie you could have a security problem.
-Frinny
Yeah. I have thought so too. Thanks for the pointers. I'll see what else I can do about it.
Sign in to post your reply or Sign up for a free account.
Similar topics
by: Antwerp |
last post by:
Hi,
I'm trying to create a perl script that will log into a website (the login
form uses POST), navigate to several pages, and append the (html) content parsed
from those pages to a seperate log...
|
by: |
last post by:
Is it possible for a user to enable permanent cookies but disable session
cookies.....this seems like a contradition yet this is what I appear to be
reading in online articles?
|
by: Amit Jamgade |
last post by:
Hi,
I am making use of cookies to store the Session State information
through JavaScript as given below in an ASP Page. Suppose I have XYZ.asp
page. The code in this page goes as shown below....
|
by: Wanda |
last post by:
I want to store related data in an array of cookies, is there a way to
do it in aspnet?
I would like to see something like
Response.Cookies(key)(1).Value = "aaa"
Response.Cookies(key)(2).Value...
|
by: barrybevel |
last post by:
Hi,
I'm trying to login to the www.vodafone.ie website using
HttpWebRequest.
It works fine with IE/Firefox and the .NET Web Control too, just not
with my code.
I think it's a redirect 302...
|
by: barrybevel |
last post by:
Hi,
I have a very small simple program below which does the following:
1) post a username & password to a website - THIS WORKS
2) follow a link - THIS WORKS
3) update values of 2 fields and...
|
by: Neil |
last post by:
Hi,
Although an experienced ASP programmer, I can't work out how to do cookies
in ASP.NET
I need (for instance) to set a cookie for a UserID once a client has logged
on to my site, so that...
|
by: insomniac |
last post by:
Hello,
I'm not a newbie to cookies, however I am stumpped by a receent issue
that has come up. I am running my web application through a frame
that belongs to another company. This application...
|
by: lacanela |
last post by:
Since I want to use cookies on a site running asp.net 1.1. I have
added the following code:
If CInt(Request.QueryString("affid")) 0 Then
Dim affcookie As HttpCookie
affcookie = New...
|
by: CloudSolutions |
last post by:
Introduction:
For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
|
by: Faith0G |
last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome former...
|
by: taylorcarr |
last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
| |