sharing authentication/authorization between ASP.NET and Classic ASP pages?

G

Guest

I'm looking for articles, books, code, or just generally good approaches for
how to deal with the problem of password-protecting pages in a website that
consists of both ASP and ASP.NET pages.

This isn't being built for a bank, and the method does not have to be
super-uber-ultra-secure. It does need to fend off the average persistent
hacker.

Can someone please point the way? Thanks very much.

-KF
 
K

Kevin Spencer

Hi KF,

ASP and ASP.Net are both ISAPIs (Internet Server Application Programming
Interface), which means that they run as separate applications, or
processes, on the web server machine. As they are separate rocesses, they
cannot share memory. Therefore, the only way that they can "share data" or
communicate with one another, is via Messaging of some sort or another. So,
your answer lies in that realm. How does any client communicate with an ASP
or ASP.Net application? Via HTTP, by sending a Request. Now, there are some
other ways, depending on the relative locations of the applications, such as
MSMQ (Message Queuing, or Messaging), but they are generally more trouble
than you will need to go to.

Now, as you want to protect the security of your users, you will probably
want to at least hide information from the users by using POST requests
rather than GET requests, and you can also incorporate some level of
encryption via HTTPS (VERY secure), or your own hand-rolled encryption
solution.

--
HTH,

Kevin Spencer
Microsoft MVP
..Net Developer
Sometimes you eat the elephant.
Sometimes the elephant eats you.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,482
Members
44,901
Latest member
Noble71S45

Latest Threads

Top