Forms auth is a well established secure mechanism for authenticating users. Also, it's using the standard authentication APIs in ASP.NET and in .NET so that other parts of the framework can also participate in security (typically around authorization) in
a standard way without knowing baout your custom flag in session. Don't build your own security as this typically means your app is not as secure as it could be.
BrockAllen
All-Star
27516 Points
4897 Posts
MVP
Re: Authentication
May 24, 2012 12:22 AM|LINK
Forms auth is a well established secure mechanism for authenticating users. Also, it's using the standard authentication APIs in ASP.NET and in .NET so that other parts of the framework can also participate in security (typically around authorization) in a standard way without knowing baout your custom flag in session. Don't build your own security as this typically means your app is not as secure as it could be.
Also, session state is just bad in general.
DevelopMentor | http://www.develop.com
thinktecture | http://www.thinktecture.com/