Hi

Is it possible to use asp.net membership/login control with pure asp i.e.
user logs in using login control and then asp can use it somehow? Is there a
code example somewhere?

Thanks

Regards

IMHO, No.

Is it possible to use asp.net membership/login control with pure asp i.e.
user logs in using login control and then asp can use it somehow? Is there a
code example somewhere?

Thanks

Regards

Hi,

yes you can do that - ASP.NET 2.0 has some plumbing to do forms authentication
and then bounce the requests to the ASP ISAPI - i wrote a little bit about
it here:

http://www.leastprivilege.com/ProtectingNonASPNETResourcesWithASPNET20.aspx

(especially the 2nd part about DefaultHttpHandler)

One problem though, to communication username and roles to ASP - you have
to use HTTP headers. But you also have to protect them, e.g. using a MAC.
Otherwise someone from the outside could send bogus headers with the same
name and to a privilege escalation attack.

I have detailed all steps in my upcoming book (sorry available in 2 weeks)
http://www.microsoft.com/mspress/books/9989.asp

But feel free to ask.

---
Dominick Baier, DevelopMentor
http://www.leastprivilege.com

Show quoteHide quote

Creating composite web controls
Custom control with ListBox
ASP.NET 2.0 - How to databind to nested (hierarchical) business objects?
Selecting a value from a Gridview Control
HyoerLink - need 2 params
Select text in asp:textbox
Auto postback in dropdownlist
WebParts - can you transfer one users choice to all users?
Event Handler for Control in a Nested Datagrid
BaseValidator - How to stop it from rendering "visibility:hidden"