Microsoft Content Management Server - Content Management Login Page

This is Interesting: Free IT Magazines  
Home > Archive > Microsoft Content Management Server > October 2004 > Content Management Login Page





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author Content Management Login Page
MEB

2004-10-20, 5:48 pm

Our manuallogin.asp asks for a password and a request has been made to
encrypt the password.

Does anyone know if the password is sent to the server or is a client
token written out?

Does anyone know if there is a way to use Window Integrated
Authentication with the manuallogin.asp code?

Thank you
Stefan [MSFT]

2004-10-20, 5:48 pm

Hi MEB,

for forms login the username and password are sent in cleartext - visible to
anybody with a network sniffer.
Forms login should be protected using SSL.

Cheers,
Stefan.

--
This posting is provided "AS IS" with no warranties, and confers no rights.

MCMS FAQ:
http://download.microsoft.com/downl...6a/MCMS+2002+-+(complete)+FAQ.htm
MCMS Blog: http://blogs.msdn.com/stefan_gossner/category/4983.aspx
MCMS Sample Code:
http://www.gotdotnet.com/community/...t+S
erver
MCMS Whitepapers and other docs:
http://blogs.msdn.com/stefan_gossne...2/07/41859.aspx
--------------------------------


"MEB" <mbalmes@ussco.com> wrote in message
news:73d4422f.0410201039.74e49c2d@posting.google.com...
> Our manuallogin.asp asks for a password and a request has been made to
> encrypt the password.
>
> Does anyone know if the password is sent to the server or is a client
> token written out?
>
> Does anyone know if there is a way to use Window Integrated
> Authentication with the manuallogin.asp code?
>
> Thank you


Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com