Get Help:Ask a Question in our Forums|Report a Bug|More Help Resources
Last post Jul 01, 2012 11:32 PM by CPrakash82
Aug 18, 2011 11:57 PM|LINK
I am using Forms Authentication.
In my <authentication> settings in my web.config, I have set cookieless="AutoDetect". This has been working fine for my needs so far.
However, I now have a situation where there are some pages in my site where I would like to force cookieless="UseURI" mode. Is there a way to override this setting for specific pages in my site? (I would prefer not to change the setting for my whole entire
site to use cookieless="UseURI", but rather apply it just to the few specific pages where I need it.)
(In case you're curious why I want to do this: I have a Flash control on one page that POSTs to another page, but that Flash control won't pass cookies in its request - hence why I want to use cookieless="UseURI" for those pages. But given the danger of
a user copy-pasting a URL in general, I only want to use cookieless="UseURI" on as few pages as possible.)
May 15, 2012 09:32 AM|LINK
Have you been able to sort out this because, I was also trying to do the same.
May 16, 2012 08:33 PM|LINK
This might seem like a long shot, however the only way that I can think of is creating another directory in your application and calling it something like cookieless (for examaple) and storing any pages that you require to have cookieless authentication
in that directory.
Then add another web.config file to that directory and set the cookieless attribute to true for those pages leaving the rest of the pages exactly how they were
May 18, 2012 04:55 AM|LINK
Yes, May be that works to be one option.
May 29, 2012 04:58 AM|LINK
I ended up writing an HttpModule that would read the authentication ticket from the URL and perform authentication, yet still allows "normal" cookie-based authentication.
It wasn't as ideal as finding a web.config setting, but it did the trick.
May 29, 2012 05:04 AM|LINK
That was really a good idea. Can you please help us with a sample code.
Jun 30, 2012 08:01 AM|LINK
I am struggling with the same problem. I tried the web.config solution but that did not work in my application.
I am not so familiar with ASP.NET so I do not really know how to write a HttpModule. Can you please help me with some code?
Thank you in advance.
Jul 01, 2012 11:32 PM|LINK
Look at these articles for HttpModule
For security based on HttpModule, refer this article.