Authentication ticket, cookieless, forms authentication?

Discussion in 'ASP .Net Security' started by Lauchlan M, Oct 1, 2003.

  1. Lauchlan M

    Lauchlan M Guest


    I want to use Forms Authentication, cookieless.

    The issue is setting the Authentication Ticket without using cookies (!)

    That is, the authentication ticket (cookie) will not be a cookie but passed
    around in the URL.

    I know there are some resources relating to setting th eAuthentication
    Ticket in a cookieless way, eg;[LN];Q311568 and
    but none of these seem really satisfactory since they rely completely on the
    mobile internet toolkit.

    One can also bypass the MS user/identity/principal framework (eg, and use Session
    variable(s) instead to 'roll your own' login/authentication framework using
    session variables and Global_AcquireRequestState in Glabal.asax (I would
    extend this to do roles as well).

    I want to know how to do the ASP.NET way of authentication (eg, except in cookieless

    But I don't feel I have found the right/best way to do cookieless forms
    authentication. It's looking like doing it the Session variable way is the
    best bet for me at the moment.

    Any ideas / suggestions?

    Lauchlan M
    Lauchlan M, Oct 1, 2003
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.