Ask a Question related to ASP.NET Security, Design and Development.
-
masoud bayan #1
adding cookie
I have a forms authenticated asp.net web application. in login page there is a check box which when is checked user name should be kept for next login time.
I know there is an option as --- FormsAuthentication.RedirectFromLoginPage(txtUserN ame.Text, chkRemember.checked) ----- to persist cookie across sessions but my application is different. I just want to save user name in a cookie (not authorized user) in order that when he opens browser and redirect his browser to login page he has not to enter his user name in user name text box. to do this in an non forms authentication based app I used to just add following code in login page:
Dim objCookie As HttpCookie
If chkPersist.Enabled Then
objCookie = New HttpCookie("strUsername", txtUserName.Text)
objCookie.Expires = DateAdd("yyyy", 1, Now())
Else
objCookie = New HttpCookie("strUsername", "")
objCookie.Expires = Now
End If
Response.Cookies.Add(objCookie)
and also in the beginning of login page whenever always check for this cookie and retrieve user name and show in text box.
but now with forms authentication when I add such a cookie to cookies I can not access it later.
Please let me have your experience or comments in this regards.
Thanks
masoud bayan Guest
-
HTTP::Cookie won't store sent cookie
Hi all, My script requests http://foo.bar.com/ with code that looks a little like this: my $ua = LWP::UserAgent->new; my $cookie_jar =... -
DataGrid - Adding labels: and adding data to cells
I am just getting started with flash scripting. My downfall is trying to get the dynamic output to display in flash. I tried using the list... -
Adding points to a database ( adding / subtrating numeric values)
HI all, I have build a user database that comes with user points for browsing private section of my site. I would like to know what is the... -
Cookies set one time, I delete cookie, cookie is never set again!
I am having this problem: My PHP script will set a cookie, it's there in my /Cookies folder. I delete the cookie (I have to for testing purposes,... -
authentication cookie vs session cookie
Hi, What are the differences between authentication and session cookies? In my web.config file, I set the cookieless attribute for the... -
Raterus #2 Re: adding cookie
Sure you want to do this? I just say this, because to put their username/password back in that box, it is going to have to be stored as plain text on the users computer.....bad idea for many reasons. If you just let the forms authentication cookie persist, they are automatically logged in, no need to see a login page, and the cookie is stored with a good amount of encryption.
But if you want to do it your way, don't allow them to persist the cookie, and then just set a cookie with their username password and load it in (if it exists) when they load up the page.
'set storage cookie
Dim authCookie as HttpCookie = new HttpCookie("auth")
authCookie("username") = txtUsername.text
authCookie("password") = txtPassword.text
Response.Cookies.Add(authCookie)
....
'recall storage cookie
If not Request.Cookies("auth") is nothing
txtUserName.text = Request.Cookies("auth")("username")
txtPassword.text = Request.Cookies("auth"("password")
end if
--Michael
"masoud bayan" <masoud_bayan@hotmail.com> wrote in message news:OvlAmKYdEHA.3916@TK2MSFTNGP11.phx.gbl...
I have a forms authenticated asp.net web application. in login page there is a check box which when is checked user name should be kept for next login time.
I know there is an option as --- FormsAuthentication.RedirectFromLoginPage(txtUserN ame.Text, chkRemember.checked) ----- to persist cookie across sessions but my application is different. I just want to save user name in a cookie (not authorized user) in order that when he opens browser and redirect his browser to login page he has not to enter his user name in user name text box. to do this in an non forms authentication based app I used to just add following code in login page:
Dim objCookie As HttpCookie
If chkPersist.Enabled Then
objCookie = New HttpCookie("strUsername", txtUserName.Text)
objCookie.Expires = DateAdd("yyyy", 1, Now())
Else
objCookie = New HttpCookie("strUsername", "")
objCookie.Expires = Now
End If
Response.Cookies.Add(objCookie)
and also in the beginning of login page whenever always check for this cookie and retrieve user name and show in text box.
but now with forms authentication when I add such a cookie to cookies I can not access it later.
Please let me have your experience or comments in this regards.
Thanks
Raterus Guest
-
masoud bayan #3 Re: adding cookie
Thanks Micheal, It works.
Actually I do not keep password just user name also becasue of security I do not want to make cookie persistance.
"Raterus" <raterus@spam.org> wrote in message news:uL3UFBbdEHA.2664@TK2MSFTNGP09.phx.gbl...
Sure you want to do this? I just say this, because to put their username/password back in that box, it is going to have to be stored as plain text on the users computer.....bad idea for many reasons. If you just let the forms authentication cookie persist, they are automatically logged in, no need to see a login page, and the cookie is stored with a good amount of encryption.
But if you want to do it your way, don't allow them to persist the cookie, and then just set a cookie with their username password and load it in (if it exists) when they load up the page.
'set storage cookie
Dim authCookie as HttpCookie = new HttpCookie("auth")
authCookie("username") = txtUsername.text
authCookie("password") = txtPassword.text
Response.Cookies.Add(authCookie)
...
'recall storage cookie
If not Request.Cookies("auth") is nothing
txtUserName.text = Request.Cookies("auth")("username")
txtPassword.text = Request.Cookies("auth"("password")
end if
--Michael
"masoud bayan" <masoud_bayan@hotmail.com> wrote in message news:OvlAmKYdEHA.3916@TK2MSFTNGP11.phx.gbl...
I have a forms authenticated asp.net web application. in login page there is a check box which when is checked user name should be kept for next login time.
I know there is an option as --- FormsAuthentication.RedirectFromLoginPage(txtUserN ame.Text, chkRemember.checked) ----- to persist cookie across sessions but my application is different. I just want to save user name in a cookie (not authorized user) in order that when he opens browser and redirect his browser to login page he has not to enter his user name in user name text box. to do this in an non forms authentication based app I used to just add following code in login page:
Dim objCookie As HttpCookie
If chkPersist.Enabled Then
objCookie = New HttpCookie("strUsername", txtUserName.Text)
objCookie.Expires = DateAdd("yyyy", 1, Now())
Else
objCookie = New HttpCookie("strUsername", "")
objCookie.Expires = Now
End If
Response.Cookies.Add(objCookie)
and also in the beginning of login page whenever always check for this cookie and retrieve user name and show in text box.
but now with forms authentication when I add such a cookie to cookies I can not access it later.
Please let me have your experience or comments in this regards.
Thanks
masoud bayan Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
