asp.net - Session based authentication -


i using session based authentication asp.net website.

1) know whether safe or not have session based authentication security purpose.

2) when number of users grows whether many session slows down performance?

3) in case nothing work out, end migrating session based authentication forms authentication, safe way migrate?

so far have referred link

http://www.asp.net/general/videos/how-do-i-create-a-custom-membership-provider

i know whether safe have session based authentication security purpose.

that depend on how implemented it, if storing logged in username in session should pretty safe.

when number of users grows whether many session slow down performance.

if using in-memory session provider mean storing inside memory of web server information logged in users. if application domain recycles, loose session information , logged in users automatically logged out not good. not scalable solution. might want use out of process session provider if ever decide go path.

in case nothing work out, end migrating session based authentication forms authentication, safe way migrate?

simply remove code relies on session , replace using user.identity.name fetch logged in user. here's nice overview of forms based authentication. that's recommended approach handling authentication in asp.net applications.


Comments

Post a Comment

Popular posts from this blog

c++ - Is it possible to compile a VST on linux? -

for class project i'm attempting write vst plugin backed cuda. current cuda workflow on linux box, i'd prefer compile , link there. according wikipedia , should possible (i couldn't find steinberg documentation relevant linux) can't find makefile or instructions on how build if aren't using xcode or visual studio. i'm vst 3 sdk doesn't support linux. when try compile plugin under linux, error: ./base/source/fatomic.cpp:39:30: fatal error: libkern/osatomic.h: no such file or directory this issue caused following code in "vst3 sdk/base/source/fatomic.cpp" #if mac #include <libkern/osatomic.h> #if mac_os_x_version_min_required > mac_os_x_version_10_4 #define native_atomic_type (volatile int32_t*) #else #define native_atomic_type (int32_t*) #endif #elif windows #include <windows.h> #endif but hope compiling under linux work vst sdk 2.4. reading. jvstwrapper seems run on lin...
Read more

java - Output of Eclipse is rubbish -

i want write program in eclipse language different english. when display output using system.out program, displays output correctly in console editor. when accept input console , output it, output rubbish. how can solve it. many thnaks i'm not sure if problem, have character encoding problem. make sure you're using unicode, utf-8. you can read more @ official docs converting non-unicode text .
Read more

jquery - Confused with JSON data and normal data in Django ajax request -

i read json internet still have not got grasp of it. reading article http://webcloud.se/log/ajax-in-django-with-jquery/ i not understood first part function using json def xhr_test(request, format): if request.is_ajax(): if format == 'xml': mimetype = 'application/xml' if format == 'json': mimetype = 'application/javascript' data = serializers.serialize(format, examplemodel.objects.all()) return httpresponse(data,mimetype) # if want prevent non xhr calls else: return httpresponse(status=400) my main problems are from function getting format variable does format json mean data given function json or data recived json can give me simple example ouput of function data = serializers.serialize(format, examplemodel.objects.all()) how use data when response in jquery function if don't use json in above function how input , response chnage thanks ...
Read more