Wrox Programmer Forums

Need to download code?

View our list of code downloads.

Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read
ASP.NET 1.0 and 1.1 Professional For advanced ASP.NET 1.x coders. Beginning-level questions will be redirected to other forums. NOT for "classic" ASP 3 or the newer ASP.NET 2.0 and 3.5
Welcome to the p2p.wrox.com Forums.

You are currently viewing the ASP.NET 1.0 and 1.1 Professional section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developersí questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
 
 
Thread Tools Display Modes
  #1 (permalink)  
Old January 10th, 2007, 03:01 AM
Registered User
 
Join Date: Dec 2006
Location: hyderabad, a.p, India.
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default .net security model

hiii friends..
this z wth respect to asp.net security..as far as i know in form authentication mode we are bound to use security socket layer(SSL)since text z traferred between client and server as pure html text..
So in that case we have to use https:// instead of http://..well my doubt z that while opening gmail or yahoo mail why we r not using http:// though it uses a form authentication mode for security purpose..
         Waiting keenly for ur reply..bye-2.


  #2 (permalink)  
Old January 11th, 2007, 12:36 AM
Wrox Author
Points: 13,255, Level: 49
Points: 13,255, Level: 49 Points: 13,255, Level: 49 Points: 13,255, Level: 49
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Oct 2005
Location: Ohio, USA
Posts: 4,104
Thanks: 1
Thanked 64 Times in 64 Posts
Send a message via AIM to dparsons
Default

First about the Forms Authentication. Yes unless you have setup SSL on your server and people can access your site through HTTPS, all of the Forms Authentication is passed as clear text =[ Setting up SSL isn't that hard but it does cost a little bit of money. (Security Cert and such) but once that is in place you can safely pass data back and forth over HTTPS.

I can't speak about Yahoo because I do not use their web mail but GMail I do use and the reason that you are always connected via an HTTPS site is:

Their Incoming (POP) and Outgoing (SMTP) servers require an SSL connection as to secure the inbound and out bound traffic of their mail server. Think about it: if your logged into gmail void of that SSL connection all of the mail you are reading is being passed back and forth clear text so anyone, really, could be reading your email. Over an SSL connection there is some protection so not every Script Kiddie known to man is reading your email.

Think of it sort of like the PGP Mail Client. (If your not familiar Google for it.)

-------------------------
I will only tell you how to do it, not do it for you.††
Unless, of course, you want to hire me to do work for you.

^^Thats my signature
 


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
graphical model of ADO.NET zdu Visual Basic 2005 Basics 0 March 31st, 2008 06:41 AM
.NET model vs. pre .NET model. raychoudhury BOOK: Beginning Visual Basic 2005 ISBN: 978-0-7645-7401-6 0 January 11th, 2007 06:11 AM
.net security model rahul.agarawal ASP.NET 1.0 and 1.1 Basics 1 January 10th, 2007 03:51 AM
asp.net push model for crystal reports ewood BOOK: Professional Crystal Reports for VS.NET 2 February 4th, 2005 10:01 AM
asp.net push model for crystal reports ewood Classic ASP Basics 0 January 7th, 2005 02:12 PM



All times are GMT -4. The time now is 04:35 AM.


Powered by vBulletin®
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.