May 04, 2012 05:29 PM|BrockAllen|LINK
You could use something like session, but there is a built-in authentication framework called forms authentication. It's preferred to use the built in approach as they deal with many of the security issues and then you can leverage the built-in authorization
plumbing as well (rather than reinventing that wheel). All of this should use SSL, so you're good on that front.