Wrox Home  
Search P2P Archive for: Go
Shopping CartView Cart  |  My Account  |  Support
Home Browse Titles

P2P Archives
 

Archive Index
Back to Active P2P Forum

 


Wrox Chapters on Demand - Download the chapters you need and take them on the go!
Wrox First - Instant Access online to new Wrox books

New Titles for ASP.NET

Cover image for product 0470190647
DotNetNuke Websites Problem Design Solution
Cover image for product 0470391847
Jumping from ASP to ASP.NET
Attention User Groups: Post your next LUG event here
  Return to Index  

asp_web_howto thread: Using SSL

Message #1 by "nick" <nick@i...> on Mon, 17 Sep 2001 11:24:14
Hi all,



I have just installed a digital certificate on our windows 2000 server.



I have a login page login.asp that has a form on that asks for username 

and password. This form is submitted to trylogon.asp which checks the 

username and password in a database table and then redirects the user.



I want to make this login secure, which page needs the https:// protocol, 

the login.asp page or the page it sends the information to?



thanks,



Nick
Message #2 by irfan.syed@g... on Mon, 17 Sep 2001 18:48:48 +0800

The both should be under SSL if you want the information flow and

processing to be secure.











"nick" <nick@i...> on 09/17/2001 07:24:14 PM



Please respond to "ASP Web HowTo" <asp_web_howto@p...>



To:   "ASP Web HowTo" <asp_web_howto@p...>

cc:    (bcc: Irfan H Syed/DHS/DHBG)

Subject:  [asp_web_howto] Using SSL







Hi all,



I have just installed a digital certificate on our windows 2000

server.



I have a login page login.asp that has a form on that asks for

username

and password. This form is submitted to trylogon.asp which checks the

username and password in a database table and then redirects the user.



I want to make this login secure, which page needs the https://

protocol,

the login.asp page or the page it sends the information to?



thanks,



Nick
Message #3 by "nick" <nick@i...> on Mon, 17 Sep 2001 13:10:07
I just want the username and password to be transmitted securely as the 

database is SQL server on another seperate server which is accessed using 

a vb connection dll so the database connection should be secure.





> 

> The both should be under SSL if you want the information flow and

> processing to be secure.

>
Message #4 by irfan.syed@g... on Tue, 18 Sep 2001 09:29:19 +0800

So in this case, only the form taking the information should be on

SSL. But hey, what is wrong in putting both pages in SSL? it will cost

you least on CPU overhead, but make sure you are on SSL, in case the

username/passwords are not matched or so. Some browsers even give you

warning when form is being posted to insecure page.











"nick" <nick@i...> on 09/17/2001 09:10:07 PM



Please respond to "ASP Web HowTo" <asp_web_howto@p...>



To:   "ASP Web HowTo" <asp_web_howto@p...>

cc:    (bcc: Irfan H Syed/DHS/DHBG)

Subject:  [asp_web_howto] Re: Using SSL







I just want the username and password to be transmitted securely as

the

database is SQL server on another seperate server which is accessed

using

a vb connection dll so the database connection should be secure.





>

> The both should be under SSL if you want the information flow and

> processing to be secure.

  Return to Index  
About Wrox  |  Contact Us  |  Subscribe to an RSS Feed of New Wrox Titles
Copyright © 2000-2004 by John Wiley & Sons, Inc. or related companies. All rights reserved. Please read our Privacy Policy