[Mono-dev] [OT?] Apache digest authentication with ASP.NET/XHTML forms?

"Andrés G. Aragoneses [ knocte ] "Andrés G. Aragoneses [ knocte ]
Tue May 2 09:15:38 EDT 2006


Hello.

Some time ago I made a web application using Apache+PHP, and decided to
use the Digest authentication of Apache [1] for the Back-Office part.
This authentication consists of an .htaccess file that protects the
subtree where it is located.

Now that I am using Mono for developing web applications, I would like
to ask if there is a method to make this type of authentication using
web forms instead of browser-based (I suppose the answer should also
apply to PHP web apps...).

The advantages I see in using this kind of authentication are:

1) Cookieless.
2) No time-out for session expiration (it expires when the browser is
closed).
3) The authentication is made at the webserver level: more secure.

Of course, this could be also a good place to discuss these points, and
to offer other suggestions if you have them.

Thanks in advance.

Regards,

	Andrés	[ knocte ]

-- 
[1] http://httpd.apache.org/docs/2.0/howto/auth.html




More information about the Mono-devel-list mailing list