Re: Account Creation and Security
- From: "John Rivers" <first10@xxxxxxxxxxxxxx>
- Date: 27 Aug 2005 12:58:27 -0700
If security is really an issue you should consider using SSL
that is about the only way to protect session hijacking etc.
NTLM is also pretty good but managing the accounts can be
a pain
a nice solution is to use your own basic authentication over ssl
this allows you to manage and use the user database as you wish
whilst skipping getting involved in windows authentication
and letting users login using the login prompt in browsers and save
their passwords if they wish, plus you get to use the realm parameter
to say something cool !
all you need to do it is read up on www-authenticate header and base64
encoding
this also allows for "roaming web sessions" - where one of your
customers can
login at home and then later at work and still be in the same session
(ie: his
shopping basket has the same products in as at home)
it is the slickest solution outside of ntlm
.
- References:
- Account Creation and Security
- From: farsad nasseri
- Re: Account Creation and Security
- From: Curt
- Account Creation and Security
- Prev by Date: Re: Multiline textbox drop the char return when saved to sql
- Next by Date: RE: how to get trackbar onto a web page?
- Previous by thread: Re: Account Creation and Security
- Next by thread: DatePicker?
- Index(es):
Relevant Pages
|
