Wrox Programmer Forums
|
ASP.NET 1.0 and 1.1 Professional For advanced ASP.NET 1.x coders. Beginning-level questions will be redirected to other forums. NOT for "classic" ASP 3 or the newer ASP.NET 2.0 and 3.5
Welcome to the p2p.wrox.com Forums.

You are currently viewing the ASP.NET 1.0 and 1.1 Professional section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old January 10th, 2007, 03:01 AM
Registered User
 
Join Date: Dec 2006
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default .net security model

hiii friends..
this z wth respect to asp.net security..as far as i know in form authentication mode we are bound to use security socket layer(SSL)since text z traferred between client and server as pure html text..
So in that case we have to use https:// instead of http://..well my doubt z that while opening gmail or yahoo mail why we r not using http:// though it uses a form authentication mode for security purpose..
         Waiting keenly for ur reply..bye-2.


 
Old January 11th, 2007, 12:36 AM
Wrox Author
 
Join Date: Oct 2005
Posts: 4,104
Thanks: 1
Thanked 64 Times in 64 Posts
Send a message via AIM to dparsons
Default

First about the Forms Authentication. Yes unless you have setup SSL on your server and people can access your site through HTTPS, all of the Forms Authentication is passed as clear text =[ Setting up SSL isn't that hard but it does cost a little bit of money. (Security Cert and such) but once that is in place you can safely pass data back and forth over HTTPS.

I can't speak about Yahoo because I do not use their web mail but GMail I do use and the reason that you are always connected via an HTTPS site is:

Their Incoming (POP) and Outgoing (SMTP) servers require an SSL connection as to secure the inbound and out bound traffic of their mail server. Think about it: if your logged into gmail void of that SSL connection all of the mail you are reading is being passed back and forth clear text so anyone, really, could be reading your email. Over an SSL connection there is some protection so not every Script Kiddie known to man is reading your email.

Think of it sort of like the PGP Mail Client. (If your not familiar Google for it.)

-------------------------
I will only tell you how to do it, not do it for you.
Unless, of course, you want to hire me to do work for you.

^^Thats my signature





Similar Threads
Thread Thread Starter Forum Replies Last Post
graphical model of ADO.NET zdu Visual Basic 2005 Basics 0 March 31st, 2008 05:41 AM
.NET model vs. pre .NET model. raychoudhury BOOK: Beginning Visual Basic 2005 ISBN: 978-0-7645-7401-6 0 January 11th, 2007 06:11 AM
.net security model rahul.agarawal ASP.NET 1.0 and 1.1 Basics 1 January 10th, 2007 03:51 AM
asp.net push model for crystal reports ewood BOOK: Professional Crystal Reports for VS.NET 2 February 4th, 2005 10:01 AM
asp.net push model for crystal reports ewood Classic ASP Basics 0 January 7th, 2005 02:12 PM





Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.