Ask a Question related to ASP.NET Security, Design and Development.
-
Larry Foulkrod #1
forms auth - session timeout - multi domains - POST values
I have several questions.
1) Does forms authentication store and re-send data intended for the
secured page via a post request during its redirection to the login page?
For example, I am a authenticated user filling out a form. I leave my
computer for a bit and my session times out. I come back and submit the
form. How is this handled within the forms authentication model?
2) I have multiple domain names. I persist cookies in the browser once for
each domain. The user authenticates on [url]www.thisdomain.com[/url] but then requests
a resource on [url]www.thatdomain.com[/url]. Will I be able to access the users
authentication status?
Larry Foulkrod Guest
-
Session Variables over Different Domains
Did you guys ever find an answer to this problem? I am having the same issue. It should be so simple, but not even passing the jsessionid to the url... -
Forms Auth Info passed to Windows Auth?
The requirement is to build an ASP.Net intranet application, so external users can log in to the main web portal via forms authentication, using... -
WS using HTTP-POST auth
How can I call web service using HTTP-POST in asp.net where on the server side is windows authentification required? thank you, Jure -
Configuring Windows Auth & Forms Auth in Asp.Net
Configuring Windows Auth & Forms Auth in Asp.Ne Hi, I've configured a web app to use windows authentication and also set up two separate... -
Forms Auth Timeout and Form Data Preservation
Does anyone know if form data, stuff that the user has typed into a textbox or selected from a dropdown, is preserved when they have to re-login... -
Brock Allen #2 Re: forms auth - session timeout - multi domains - POST values
> For example, I am a authenticated user filling out a form. I leave my
Forms Authentication uses a different cookie than Session, so they are tracked> computer for a bit and my session times out. I come back and submit
> the form. How is this handled within the forms authentication model?
independantly. In the scenario you describe, the Session will be gone but
they will have logged in (barring assumptions in your code about the presence
of Session that prevents this).
Cookies are scoped to the domain, so an ASP.NET authentication cookie issued> 2) I have multiple domain names. I persist cookies in the browser
> once for each domain. The user authenticates on [url]www.thisdomain.com[/url]
> but then requests a resource on [url]www.thatdomain.com[/url]. Will I be able to
> access the users authentication status?
by one won't be visible by another. They'll have to somehow authenticate
on the second domain to have that cookie issued.
-Brock
DevelopMentor
[url]http://staff.develop.com/ballen[/url]
Brock Allen Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
