Forms-Based Authentication on a Cookie-Disabled Browser
Does anyone know if MS is going to munge the cookie-id generated by the
config.web setting into the URL and/or QueryString IF the user browser has
all cookies turned off?
I love what Cookie and Passport based authentication can do for us, but
don't we know that more and more users are going to be turning off all
cookies (due to the media's total lack of understanding the difference
between a Persistent Cookie and a Session Cookie)?
If ASP+ can Munge the Session ID into the URL, can't it do the same for the
AuthCookie? Hopefully on an Only-Needed basis, IF Cookies are Off THEN
Munge AuthCookie.
Thanks,
Jason
# 1 Re: Forms-Based Authentication on a Cookie-Disabled Browser
When I asked at the PDC I was told they weren't doing this. Who knows what
will change before they ship however.
"Jason Lukas" <jasonlukas@msn.com> wrote in message
news:39b69250@news.dev-archive.com...
> Does anyone know if MS is going to munge the cookie-id generated by the
> config.web setting into the URL and/or QueryString IF the user browser has
> all cookies turned off?
>
> I love what Cookie and Passport based authentication can do for us, but
> don't we know that more and more users are going to be turning off all
> cookies (due to the media's total lack of understanding the difference
> between a Persistent Cookie and a Session Cookie)?
>
> If ASP+ can Munge the Session ID into the URL, can't it do the same for
the
> AuthCookie? Hopefully on an Only-Needed basis, IF Cookies are Off THEN
> Munge AuthCookie.
>
> Thanks,
> Jason
>
>
>
