Nick Swan's SharePoint Blog

a day in the life of a Sharepoint and .NET guy!

My Links

News




Post Categories

Archives

Blog Stats

Blogroll

Books

VB-tech website

VB-tech work

Xbox

RSS Security and ASP.NET Forms Authentication

Greg Reinacker from NewsGator has blogged about secure RSS feeds, eg RSS you have to pay for and access with a username and password. He says to use Http authentication that has been around for 8 years or so.

But what about all us .Net developers that have developed their websites using Forms authentication?

I’ve not tried creating an RSS feed behind ASP.NET Forms Authentication. I suppose if you just went to the page with the RSS feed in IE, were redirected to the login, login with remember me ticked and taken back to the RSS page……………would your RSS reader know that you ticked the remember me box and be able to access the feed? I’m just thinking out loud here!!

posted on Tuesday, September 13, 2005 11:37 PM

Get email alerts when this blog is updated!

Feedback

# re: RSS Security and ASP.NET Forms Authentication 9/14/2005 3:20 AM Barry Dorrans

The answer? It depends.

Remember the cookie that's dropped during "Remember me" is part of IE. So if you are using an embedded IE to retrieve your page then in all likelihood that will send the cookie.

However if you're using, for example, XmlTextReader(), which doesn't use IE, then no cookie will get sent.

You can always use fiddler (www.fiddlertool.com) as a local HTTP proxy to examine what is being sent, and what is coming back, assuming of course you have added support for proxies in your application.

Title  
Name  
Url
Comments - All Comments are moderated and will not be displayed until approved by this blog's author    
Enter the code you see: