Re: Framework 1.1 Multiple Authentication?
- From: stcheng@xxxxxxxxxxxxxxxxxxxx (Steven Cheng[MSFT])
- Date: Thu, 10 Nov 2005 09:43:59 GMT
Hi Xenophon,
So for your scenario, a quick idea come to my mind is building a custom
HttpModule to handle such authentication task. Assume that we manually do
the Forms Authenticaiton and after user login, we store the encrypted
authentication ticket in the URL(since the clients are cookieless....). And
in our custom HttpModule, we intercept the "AuthenticateRequest" event
where we parse the URL string and validating the encrypted ticket in the
url's querystring.... If invalid, end this request or redirect to a login
page.... In fact, the buildin ASP.NET FormsAuthentiation and Session
State just use a HttpModule to do the work for each comming asp.net
request...
Here are some reference on creating custom HttpModule:
#INFO: ASP.NET HTTP Modules and HTTP Handlers Overview
http://support.microsoft.com/default.aspx?scid=kb;en-us;307985
#Custom HttpModule Example
http://msdn.microsoft.com/library/en-us/cpguide/html/cpconcustomhttpmodules.
asp?frame=true
Hope helps. Thanks,
Steven Cheng
Microsoft Online Support
Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
--------------------
| NNTP-Posting-Date: Wed, 09 Nov 2005 07:57:54 -0600
| From: xenophon <xenophon@xxxxxxxxxxxxx>
| Newsgroups: microsoft.public.dotnet.framework.aspnet
| Subject: Re: Framework 1.1 Multiple Authentication?
| Date: Wed, 09 Nov 2005 08:47:24 -0500
| Message-ID: <vdv3n15v6l5ndgnqg7f6tpjrbmuga212it@xxxxxxx>
| References: <4p68m1pt3quak4sku7uaci988r9hif6qss@xxxxxxx>
<OG8xkEP3FHA.1476@xxxxxxxxxxxxxxxxxxxx>
<DRgWDHd3FHA.1144@xxxxxxxxxxxxxxxxxxxxx>
<8pdfm1liof2btkarricbogsdj0jm5drag4@xxxxxxx>
<Q#KGdi33FHA.3220@xxxxxxxxxxxxxxxxxxxxx>
| X-Newsreader: Forte Agent 2.0/32.646
| MIME-Version: 1.0
| Content-Type: text/plain; charset=us-ascii
| Content-Transfer-Encoding: 7bit
| Lines: 25
| X-Trace:
sv3-abxqkl0KV3/vSuR2YN6CNZj1xPMByI27kIYQQqrnXqYXKD50VuYWq/QmArYhf2RwKhX7pEn0
QPmeID6!Y2HkzHZz7i6EerZ+HMBwwxHaje4i6s/4KgD4MAIYCnDDHcP2Gi7P0cw6Crtrtdvojb2d
//k=
| X-Complaints-To: abuse@xxxxxxxxxxxx
| X-DMCA-Notifications: http://www.giganews.com/info/dmca.html
| X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
| X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your
complaint properly
| X-Postfilter: 1.3.32
| Path:
TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!newsfeed00.sul.t-online.de!t-onli
ne.de!border2.nntp.dca.giganews.com!border1.nntp.dca.giganews.com!nntp.gigan
ews.com!local01.nntp.dca.giganews.com!news.giganews.com.POSTED!not-for-mail
| Xref: TK2MSFTNGXA02.phx.gbl
microsoft.public.dotnet.framework.aspnet:356646
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
|
|
| Could you show a sample of "our own form based authentication module"?
| I think that is what I really need to do. I must rely on cookieless
| sessions.
|
| Thanks.
|
|
|
| On Wed, 02 Nov 2005 06:42:14 GMT, stcheng@xxxxxxxxxxxxxxxxxxxx (Steven
| Cheng[MSFT]) wrote:
|
| >Thanks for your response Xenophon,
| >
| >Unfortunately to hear that you're using cookieless session state which
| >means using cookie is not possible in your web application. Because the
| >ASP.NET webapplicaiton's forms authentication support only cookie based
| >authenticate ticket, if our web application does not use cookie, I'm
afraid
| >we have to build our own form based autentication module which will
store
| >and retrieve authenticate ticket from session state( this is what we
used
| >to do in some classic ASP app...), we store a identify in session state
| >after user login and then check that variable in each page's request to
| >validate user.....
| >
| >Thanks,
|
.
- Follow-Ups:
- Re: Framework 1.1 Multiple Authentication?
- From: xenophon
- Re: Framework 1.1 Multiple Authentication?
- Prev by Date: ASP.Net State Question
- Next by Date: ASP.NET and Windows Forms
- Previous by thread: ASP.Net State Question
- Next by thread: Re: Framework 1.1 Multiple Authentication?
- Index(es):
Relevant Pages
|
