Forms Authentication and requireSSL, what's the recommended best practice

Discussion in 'ASP .Net Security' started by mikemad, Jan 26, 2005.

  1. mikemad

    mikemad Guest

    I have an ASP.NET 1.1 Web app and am now implementing SSL. It used
    forms authentication. Everything works fine but I get unexpected(by me)
    behavior when I set the requireSSL in the config file.

    My scenario is, I want to login securely in a secure directory and then
    redirect to the home page of the site. Pretty standard. If they are
    logged in, then display a header bar with a few menu items such as
    "Profile", etc. I am checking the Request.IsAuthenticated and if it is
    true, I show the header bar. Well, IsAuthenticated is false when I'm
    not under the SSL directory so it doesn't display my header bar. What's
    the recommended way of doing this kind of common operation. I could
    just set a Session variable when I login and display the menu if that
    session variable is set. Is there a better way??
    Thanks,

    Mike Maddox
    Creative Journey Consulting
    mikemad, Jan 26, 2005
    #1
    1. Advertising

  2. mikemad

    mikemad Guest

    Anyone have any ideas? Since the Auth cookie is only passed when I'm
    under SSL, what about the Session cookie. If I set a value in SESSION
    to signify that I logged in, wouldn't that work? Am Imissing something??
    mikemad, Jan 27, 2005
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Eric
    Replies:
    2
    Views:
    1,446
    Tommy
    Feb 13, 2004
  2. =?Utf-8?B?amF2YXRvcGlh?=

    requireSSL not working on web site

    =?Utf-8?B?amF2YXRvcGlh?=, May 13, 2004, in forum: ASP .Net
    Replies:
    2
    Views:
    2,295
    Rick Spiewak
    May 13, 2004
  3. Phil Johnson
    Replies:
    0
    Views:
    1,351
    Phil Johnson
    Oct 28, 2009
  4. TH
    Replies:
    2
    Views:
    498
  5. Mohit Sindhwani
    Replies:
    2
    Views:
    106
    Mohit Sindhwani
    Jan 10, 2010
Loading...

Share This Page