Secure login from unsecured page -- asp.net security

BillAtWork
5/21/2008 4:56:01 PM

Hi,

Can anyone help me with advice/articles about this? I'd like to allow users
to either sign up or login from my initial homepage, but I don't want the
overhead of having EVERY visitor to that page invoking a secure connection.
So everyone visits http://www.mysite.com but only those users that choose to
signup/login pass data over https. I'd like to avoid the alternative of
putting a link on the homepage to a secured page, if possible, hence this
post! :-)

Something similar, I think, to the Godaddy.com homepage - you visit
"http://www.godaddy.com" (note this is not over https), but when you enter
your name/password and click "secure login" this appears to happen over a
secure connection.

Thanks!

Misbah Arefin
5/22/2008 9:27:54 PM

In your Page_Load() do this

if(!IsPostBack)
{
//This is how to POST back to another URL
string script = "<script language='javascript'> " +
"function doSecurePostBack(sNewFormAction){ " +
"document.forms[0].action = sNewFormAction; " +
"} " +
"</script>";
RegisterClientScriptBlock("postBackCall", script);

//add this to our 'secure login' button so that we can POST back to a
differnet URL
btnSecureLogin.Attributes.Add("onclick",
"doSecurePostBack('https://www.yoursite.com/login.aspx');");
}

--
Misbah Arefin
https://mcp.support.microsoft.com/profile/MISBAH.AREFIN
http://dotnethitman.spaces.live.com
http://www.linkedin.com/in/misbaharefin

[quoted text, click to view]

Got something to say? Click here to post a reply to this thread.

Don't see what you're looking for? Try a search.

View other messages about asp.net security

asp.net security : Secure login from unsecured page