Re: OT - How Web Apps Do/Should Detect Authentication

Tech-Archive recommends: Fix windows errors by optimizing your registry

From: Arne Vajhøj <arne@xxxxxxxxxx>
Date: Fri, 14 Nov 2008 20:48:31 -0500

jehugaleahsa@xxxxxxxxx wrote:

Can someone tell me how a web application knows whether a user is
logged in?

Somehow, web applications can detect whether someone has already
logged in.

I know all about ASP Membership; that's not what I'm asking.

I want to know what gets sent to the web server so it can verify the
user. Is it some kind of cookie? a HTTP header? taco meat?

Any links or books where I can read all about it would be muchly
appreciated.

Traditionally there are two ways:
* a cookie with session id
* URL rewriting that put the session id in the URL

Cookie is the standard.

Arne
.

Follow-Ups:
- Re: OT - How Web Apps Do/Should Detect Authentication
  - From: jehugaleahsa@xxxxxxxxx

References:
- OT - How Web Apps Do/Should Detect Authentication
  - From: jehugaleahsa@xxxxxxxxx

Prev by Date: Re: c# 3.0, not .Net 3.0
Next by Date: Re: OT - How Web Apps Do/Should Detect Authentication
Previous by thread: OT - How Web Apps Do/Should Detect Authentication
Next by thread: Re: OT - How Web Apps Do/Should Detect Authentication
Index(es):
- Date
- Thread

Relevant Pages

Re: URL-Rewriting, referer and https
... I guess, cookie based sessions are ... steal a session in order to do something dodgy with it. ... Our server is configured currently to use only URL rewriting method, ... moving jsessionid to a cookie would mean that site would not work ...
(comp.lang.java.programmer)
Re: PHPSESSID in URL
... PHP needs to figger out whether or not cookies are ... PHP will fall back to so-called "URL rewriting" that: ... PHP cannot tell if the cookie was accepted until the browser ... So, as any link on the very first page will show this PHP session id, you ...
(comp.lang.php)
Re: Very strange SQL connection problem
... > I am expirienced in writing .NET programs and web applications for about ... > The DataHandler class has a SqlConnection as member variable which gets ... > Global.asax.cs and save it into the Session where it then gets used by ... > expirience the following problem: ...
(microsoft.public.dotnet.framework.adonet)
Re: share session between more than one web application
... >> I have three web applications that I want to provide one single web ... >> If I am able to share the session between them, ... Place data in a database when the first app is hit. ... The others live in subdirectories (and I have to go ...
(microsoft.public.dotnet.framework.aspnet)
Re: Session Variables - why arent novice developers warned?
... But knowing "how a web applications work and its stateless nature" does not ... predict that the IE action File-New-Window will open a new browser window ... content of session variables with damaging consequences. ... integrity of an application which relies on session state is COMPLETELY ...
(microsoft.public.dotnet.framework.aspnet)