For a web application I switched from using ASP.NET Membership to using my own log in system which just does something like this to mark a user as logged in: Session["UserId"] = User.Id Is it possible to store the user id in the ASPXAUTH cookie, piggybacking on its encryption, instead of using the standard session? The goal is for th...
Due to a bug in Flash, I have to use the ASPXAuth cookie to log a user in on a page that a flash upload script calls after upload. See this page for more information: http://geekswithblogs.net/apopovsky/archive/2009/05/06/working-around-flash-cookie-bug-in-asp.net-mvc.aspx I have to make the ASPXAUTH string "public" in the sense that it...
I have both the wcf and asp.net project together in the same project. (I'm running on Azure, so this is more convenient). I have this set in the web.config: <system.serviceModel> <serviceHostingEnvironment aspNetCompatibilityEnabled="true" /> </system.serviceModel> My wcf service is decorated with: [AspNetCompatibilityRequireme...
Can somebody explain what ASPXAuth cookie does? My website uses forms auth and I am trying to create a load balancer (hardware) rule which will keep track of sessions based on the aspxauth cookie. Is it safe assume that the value of the cookie is unique? Thanks. ...
What is the content of ASP.NET FormsAuthentication cookie value? How can I see the real value of the hashed string (in case that I have the decrypted key)? ...
I thought the .ASPXAUTH was for user authentication? Can anyone confirm if this cookie is indeed a security risk and/or contains session information? Is it even suppose to be used or is it some debug thing? ...