Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > Forms Authentication Across Applications

Reply
Thread Tools

Forms Authentication Across Applications

 
 
=?Utf-8?B?RmFyaWJh?=
Guest
Posts: n/a
 
      05-16-2007
It know that we can use the following method
http://msdn2.microsoft.com/en-us/library/eb0zx8fc.aspx

to form authenticate across multiple applications.

I have created an asp.net application that supports form authentication. My
application is going to be called by another legacy application (HTML) which
does the initial authentication.Something like this:

<form name="form1" action="auth.asp" method="post" >
......
</form>

How can I implement "Forms Authentication Across Applications" in this
case? I assume sending authentication information via query string is my
only option, right?

Thanks a lot

Fariba
ASP.NET ISharp - Cairo


 
Reply With Quote
 
 
 
 
=?Utf-8?B?UGV0ZXIgQnJvbWJlcmcgW0MjIE1WUF0=?=
Guest
Posts: n/a
 
      05-16-2007
Forms authentication works with, and requires cookies. So unless you want to
manually (in your code) create and assign a vaild Forms Auth ticket in
response to the querystring "deal", that would be the only way that I can
think of.
Peter
--
Site: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
Short urls & more: http://ittyurl.net




"Fariba" wrote:

> It know that we can use the following method
> http://msdn2.microsoft.com/en-us/library/eb0zx8fc.aspx
>
> to form authenticate across multiple applications.
>
> I have created an asp.net application that supports form authentication. My
> application is going to be called by another legacy application (HTML) which
> does the initial authentication.Something like this:
>
> <form name="form1" action="auth.asp" method="post" >
> .....
> </form>
>
> How can I implement "Forms Authentication Across Applications" in this
> case? I assume sending authentication information via query string is my
> only option, right?
>
> Thanks a lot
>
> Fariba
> ASP.NET ISharp - Cairo
>
>

 
Reply With Quote
 
 
 
 
=?Utf-8?B?RmFyaWJh?=
Guest
Posts: n/a
 
      05-16-2007
The application which is calling my application is an HTML application with
the form tag I mentioned before. Will it be able to issue a ticket or cooki?

Thanks

"Peter Bromberg [C# MVP]" wrote:

> Forms authentication works with, and requires cookies. So unless you want to
> manually (in your code) create and assign a vaild Forms Auth ticket in
> response to the querystring "deal", that would be the only way that I can
> think of.
> Peter
> --
> Site: http://www.eggheadcafe.com
> UnBlog: http://petesbloggerama.blogspot.com
> Short urls & more: http://ittyurl.net
>
>
>
>
> "Fariba" wrote:
>
> > It know that we can use the following method
> > http://msdn2.microsoft.com/en-us/library/eb0zx8fc.aspx
> >
> > to form authenticate across multiple applications.
> >
> > I have created an asp.net application that supports form authentication. My
> > application is going to be called by another legacy application (HTML) which
> > does the initial authentication.Something like this:
> >
> > <form name="form1" action="auth.asp" method="post" >
> > .....
> > </form>
> >
> > How can I implement "Forms Authentication Across Applications" in this
> > case? I assume sending authentication information via query string is my
> > only option, right?
> >
> > Thanks a lot
> >
> > Fariba
> > ASP.NET ISharp - Cairo
> >
> >

 
Reply With Quote
 
=?Utf-8?B?UGV0ZXIgQnJvbWJlcmcgW0MjIE1WUF0=?=
Guest
Posts: n/a
 
      05-16-2007
The Forms auth ticket cookie is issued by ASP.NET on the server in response
to a login form post with the username and password.
Peter

--
Site: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
Short urls & more: http://ittyurl.net




"Fariba" wrote:

> The application which is calling my application is an HTML application with
> the form tag I mentioned before. Will it be able to issue a ticket or cooki?
>
> Thanks
>
> "Peter Bromberg [C# MVP]" wrote:
>
> > Forms authentication works with, and requires cookies. So unless you want to
> > manually (in your code) create and assign a vaild Forms Auth ticket in
> > response to the querystring "deal", that would be the only way that I can
> > think of.
> > Peter
> > --
> > Site: http://www.eggheadcafe.com
> > UnBlog: http://petesbloggerama.blogspot.com
> > Short urls & more: http://ittyurl.net
> >
> >
> >
> >
> > "Fariba" wrote:
> >
> > > It know that we can use the following method
> > > http://msdn2.microsoft.com/en-us/library/eb0zx8fc.aspx
> > >
> > > to form authenticate across multiple applications.
> > >
> > > I have created an asp.net application that supports form authentication. My
> > > application is going to be called by another legacy application (HTML) which
> > > does the initial authentication.Something like this:
> > >
> > > <form name="form1" action="auth.asp" method="post" >
> > > .....
> > > </form>
> > >
> > > How can I implement "Forms Authentication Across Applications" in this
> > > case? I assume sending authentication information via query string is my
> > > only option, right?
> > >
> > > Thanks a lot
> > >
> > > Fariba
> > > ASP.NET ISharp - Cairo
> > >
> > >

 
Reply With Quote
 
=?Utf-8?B?RmFyaWJh?=
Guest
Posts: n/a
 
      05-16-2007
Thanks peter for your reponse.

if the cookie is not issued in the parent application (the one with the
<form> tag which calls "auth.asp") let's say they use another way of keeping
the security context , then I am stuck?

BTW, I though that :

1) There is something called cookieless form authentication which does not
require cookie

2) Cookie and ticket are two differnet things but related. From what I have
interpreted from "The Forms auth ticket cookie is issued by ASP.NET ..." they
are the same thing? Can my html application which calls that asp page issues
a ticket and I get that ticket in my asp.net page and reuse it as part of the
forms authentication scenario?


Thanks a lot for your time

"Peter Bromberg [C# MVP]" wrote:

> The Forms auth ticket cookie is issued by ASP.NET on the server in response
> to a login form post with the username and password.
> Peter
>
> --
> Site: http://www.eggheadcafe.com
> UnBlog: http://petesbloggerama.blogspot.com
> Short urls & more: http://ittyurl.net
>
>
>
>
> "Fariba" wrote:
>
> > The application which is calling my application is an HTML application with
> > the form tag I mentioned before. Will it be able to issue a ticket or cooki?
> >
> > Thanks
> >
> > "Peter Bromberg [C# MVP]" wrote:
> >
> > > Forms authentication works with, and requires cookies. So unless you want to
> > > manually (in your code) create and assign a vaild Forms Auth ticket in
> > > response to the querystring "deal", that would be the only way that I can
> > > think of.
> > > Peter
> > > --
> > > Site: http://www.eggheadcafe.com
> > > UnBlog: http://petesbloggerama.blogspot.com
> > > Short urls & more: http://ittyurl.net
> > >
> > >
> > >
> > >
> > > "Fariba" wrote:
> > >
> > > > It know that we can use the following method
> > > > http://msdn2.microsoft.com/en-us/library/eb0zx8fc.aspx
> > > >
> > > > to form authenticate across multiple applications.
> > > >
> > > > I have created an asp.net application that supports form authentication. My
> > > > application is going to be called by another legacy application (HTML) which
> > > > does the initial authentication.Something like this:
> > > >
> > > > <form name="form1" action="auth.asp" method="post" >
> > > > .....
> > > > </form>
> > > >
> > > > How can I implement "Forms Authentication Across Applications" in this
> > > > case? I assume sending authentication information via query string is my
> > > > only option, right?
> > > >
> > > > Thanks a lot
> > > >
> > > > Fariba
> > > > ASP.NET ISharp - Cairo
> > > >
> > > >

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Best practices for using forms authentication and security in a hosted env (was: Re: Using a Forms authentication in a shared hosting environment) JEFF ASP .Net 1 11-12-2007 07:00 PM
forms authentication -- expired forms cookie vs. not provided forms cookie Eric ASP .Net Security 2 01-27-2006 10:09 PM
Forms Authentication across applications Janaka ASP .Net Security 2 05-10-2004 12:39 PM
Forms Authentication question: How to have some pages open and some requiring forms authentication Eric ASP .Net 2 02-13-2004 02:14 PM
Forms authentication across multiple applications and framework versions JC ASP .Net 1 11-05-2003 11:59 PM



Advertisments