FormsAuthentication.Encrypt and SSL

From: Gawel (gawelek_at_SPAM_NO_NON_NOgazeta.pl)
Date: 07/27/04

• Next message: Hans Kesting: "Re: Generating dynamic form elements "<asp:button ...""
• Previous message: Steven Cheng[MSFT]: "Re: Adding namespaces to code behind automatically (C#)"
• Next in thread: Gawel: "Re: FormsAuthentication.Encrypt and SSL"
• Reply: Gawel: "Re: FormsAuthentication.Encrypt and SSL"
• Reply: ASP.NET: "RE: FormsAuthentication.Encrypt and SSL"
• Messages sorted by: [ date ] [ thread ]

Date: Tue, 27 Jul 2004 11:05:45 +0200

Hajo,
in book about security in ASP.NET I read that
if I use Form authentication and need to make its
data secure then I need to use SSL for all pages, not only for
e.g. login page. It is interesting because form ticket is encrypted with
FormsAuthentication.Encrypt and it seems that there is no need
for additional ssl usage. Am I right ?

Gawel

• Next message: Hans Kesting: "Re: Generating dynamic form elements "<asp:button ...""
• Previous message: Steven Cheng[MSFT]: "Re: Adding namespaces to code behind automatically (C#)"
• Next in thread: Gawel: "Re: FormsAuthentication.Encrypt and SSL"
• Reply: Gawel: "Re: FormsAuthentication.Encrypt and SSL"
• Reply: ASP.NET: "RE: FormsAuthentication.Encrypt and SSL"
• Messages sorted by: [ date ] [ thread ]

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint