Hi Roy,

There are no known vulnerabilities with ASP.NET's Forms Authentication model (either in ASP.NET 1.x or 2.0). It provides a secure and well tested way handle user authentication - so I'd definitely recommend looking at using it.

Hope this helps,

Scott

-----Original Message-----
From: Discussion of building .NET applications targeted for the Web [mailto:DOTNET-***@DISCUSS.DEVELOP.COM] On Behalf Of Pardee, Roy
Sent: Wednesday, January 17, 2007 1:47 PM
To: DOTNET-***@DISCUSS.DEVELOP.COM
Subject: [DOTNET-WEB] OT-ish--any existing security vulnerabilities in asp.net 1.1 Forms authentication?

Hey All,

Can anybody advise how I could find out about any existing
vulnerabilities in 1.1's Forms authentication?

I'm trying to evaluate the wisdom of putting sensitive information on an
asp.net based wiki application. Please assume the application does all
the right things WRT security. Is there anything that's still waiting
on a patch?

Thanks!

-Roy

===================================
This list is hosted by DevelopMentor? http://www.develop.com

View archives and manage your subscription(s) at http://discuss.develop.com

===================================
This list is hosted by DevelopMentor� http://www.develop.com

View archives and manage your subscription(s) at http://discuss.develop.com