J
Jenna Simmer
Hello. I'm new to .NET and I have a question regarding authentication and authorization
I am using forms authentication (because user names and passwords are stored in an Oracle db) to provide logon functionality, then I'm using a session User object (custom-made) to which I set a isAuthenticated flag. On "members-only" pages I check the isAuthenticated flag to determine if the user is authenticated or not before displaying the page
If requirements impose a restriction on using cookies, is this considered a bad design or not? If yes, then why so
What other options do I have for cookieless authentication
I would appreciate any kind of help
Thank
Jenna
I am using forms authentication (because user names and passwords are stored in an Oracle db) to provide logon functionality, then I'm using a session User object (custom-made) to which I set a isAuthenticated flag. On "members-only" pages I check the isAuthenticated flag to determine if the user is authenticated or not before displaying the page
If requirements impose a restriction on using cookies, is this considered a bad design or not? If yes, then why so
What other options do I have for cookieless authentication
I would appreciate any kind of help
Thank
Jenna