|
| Cookieless Forms Authentication? |
|
|
|
|
| Messages |
|
Related Types |
This message was discovered on microsoft.public.dotnet.framework.aspnet.
| Toby Couchman |
Hi,
Does anyone know if it is possible to use Forms Authentication without using
cookies? perhaps using a similar method to the cookie-less session
handling..
|
|
|
| |
|
| |
| |
| Rohan Cragg |
Yes, you change a setting in the Web.config file
i.e. <sessionState cookieless="true" />
try this and you will notice that a reference to the session is passed in
the URL...
hth Rohan.
"Toby Couchman" <Click here to reveal e-mail address> wrote in message
news:e6FMKfQ8BHA.2016@tkmsftngp03...
[Original message clipped]
|
|
|
| |
|
| |
| |
| Toby Couchman |
yeah I know thats how to make the session cookie-less, but what about the
Forms Authentication?
"Rohan Cragg" <Click here to reveal e-mail address> wrote in message
news:uIcRVXS8BHA.2332@tkmsftngp03...
[Original message clipped]
|
|
|
| |
|
|
| |
| | |
| |
| Rohan Cragg |
I may be missing the point here but, could you not just store whatever
information you wanted to remember about the visitor in a session
variable?...
' assuming user enters their name and clicks a submit button:
' in the click event of the button you could put this:
Session.Add("Name", txtName.Text)
' and the get back the name on another page you simply query the session:
lblName.Text = CType(Session("Name"), String)
' Session variables are always just Objects, so you have to specify the type
if you have Option Strict = On
hth... Rohan.
"Toby Couchman" <Click here to reveal e-mail address> wrote in message
news:eY1WFfT8BHA.1632@tkmsftngp05...
[Original message clipped]
|
|
|
| |
|
| |
|
|
|
| |
| Shark Attack |
Yes, it's possible.
What you have to do is create your own ticket:
i.e:
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(username,
false, 20);
then encrypt it:
string sTicket = FormsAuthentication.Encrypt(ticket);
and redirect to the return URL with the encrypted cookie tacked on the URL:
Response.Redirect(Request.QueryString["ReturnURL"] + "?.ASPXAUTH=" +
sTicket);
(you might want to check if there is are query string parameters already. In
such case put a '&' instead of the '?')
However, the only problem is that on each Page_Load event you will have to
scan your page for all links and add the encrypted ticket to them as well.
Cheers.
"Toby Couchman" <Click here to reveal e-mail address> wrote in message
news:e6FMKfQ8BHA.2016@tkmsftngp03...
[Original message clipped]
|
|
|
| |
|
|
| |
|
|
|
|
|
|
|
|
BootFX
Reliable and powerful .NET application framework. |
|
|
|
|
|
|
