Re: Multi Page ASPX

From: Tommy (Websoftwares_at_Hotmail.com)
Date: 02/24/04 

Date: 24 Feb 2004 04:56:54 -0800

Webform does have validation to ensure that the data is being posted
to itself by checking a hash value in the viewstate.

However, I don't think posting to another webform will make your web
application less secure.

ASP.NET does have a few additional feature the makes it easier to
implement a secure web application. However, ASP.NET alone will not
make your website very secure. You will still need to have a secure
infrastructure that is independent of ASP.NET, such as using firewall,
intrusion detection system, SSL, machine configurations...

I think you will be able to port all your existing code from ASP to
ASP.NET without posting any new security risk to your system.

One questions I have is that how third page knows when the processing
of creating an AD user is complete? Does it pool the web server
constantly?

Tommy,

"Bill Smith" <no@spam.com> wrote in message news:<uWzHjtq#DHA.684@tk2msftngp13.phx.gbl>...
> I have a ASP webpage that creates user accounts. It currently use the format
> as follows.
>
> First Page:
> Input boxes that get Firstname and Lastname and Department etc.
> JavaScript Validation
> If correct posts information to Second Page
>
> Second Page:
> Makes a username, email address and displayname from given info then checks
> active directory to see if it exists. If it does exist it try's again until
> it finds a unused one.
> Then posts to third page:
>
> Third Page:
> Popup Window
> Displays the progress of creating the AD account and setting all the
> information.
> Once complete sends email and closes.
>
> I want to convert this to ASP.NET. The problem is I want to keep it very
> secure. Im reading I should posts each page to itself to get the most out of
> ASP.NET.
>
> Any ideas on the best way to go at this.
> Thanks
>
> Bill

Relevant Pages

  • Re: Security overview
    ... yeah - that's the usual dilemma - you will learn a lot in your first "secure application" - maybe you should reserve some budget for penetration testing. ... Dominick Baier - DevelopMentor ... good input validation is a prereq - but there is more ... concatenating input into script blocks - this won't help you. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: SSIS as part of scheduled job fails
    ... Get Secure! ... When responding to posts, please "Reply to Group" via your newsreader so ... This posting is provided "AS IS" with no warranties,and confers no rights. ...
    (microsoft.public.sqlserver.dts)
  • Re: pgp, was Not just the 39 catalog, but all of em.
    ... >Mr. Gravereaux is posting "signed" messages (which ironically are ... >supposed to be MORE secure). ... >PGP secured message posting would be the Real Bob Morein ...
    (rec.audio.pro)
  • Re: pgp, was Not just the 39 catalog, but all of em.
    ... >Mr. Gravereaux is posting "signed" messages (which ironically are ... >supposed to be MORE secure). ... >PGP secured message posting would be the Real Bob Morein ...
    (rec.audio.pro)
  • Re: pgp, was Not just the 39 catalog, but all of em.
    ... >Mr. Gravereaux is posting "signed" messages (which ironically are ... >supposed to be MORE secure). ... >PGP secured message posting would be the Real Bob Morein ...
    (rec.audio.pro)