Solved

Read ASP.NET Forms Authentication cookie from classic ASP?

Posted on 2004-09-01
5
720 Views
Last Modified: 2013-12-30
I'm using ASP.NET forms authentication to write a cookie containing the currently logged in username:

<authentication mode="Forms">
         <forms name=".ASPXINTRANETAUTH" loginUrl="/login.aspx" protection="All" timeout="60" />
</authentication>
<authorization>
           <allow users="*" />
</authorization>

My login.aspx page creates the cookie with this command:
FormsAuthentication.RedirectFromLoginPage(Username.Value, PersistCookie.Checked);

MY QUESTION: Is there a way to access the username stored in the cookies using Classic ASP?  I want users to be able to login using the ASP.NET app, but I also want them to be able to access legacy ASP apps which I plan to re-code to use the currently logged in username supplied by the ASP.NET cookie.

I looked at the cookie contents, and I can't make out a username from it:

.ASPXINTRANETAUTH
4F3FD9C282F1B7CFFAC07AC7469550E5ECFD31584D6CE3D461A371F83B16A9E30DCB066 818C61F8F46C8F50A46ABEE6C5497F7179EB4716088F7A6B3CC59C8037E0A52FF20922B52
test_server/
1024
394652160
33332915
688688176
29659219
*

Security isn't of utmost importance for this app.

Thanks,
Daniel
0
Comment
Question by:hendridm
5 Comments
 
LVL 9

Accepted Solution

by:
Rodney Helsens earned 450 total points
ID: 11956721
The value is encoded..you should be able to decode the cookie via VBScript, take a look at this
http://blogs.x2line.com/al/articles/146.aspx
0
 
LVL 33

Expert Comment

by:raterus
ID: 11956870
Well you don't have to use that authentication cookie with Forms Authentication, in fact, if security isn't that much of an issue, you can create your own cookie that forms authentication will use.  Then you can keep the username cleartext.
0
 

Expert Comment

by:alejandrorivera
ID: 39746671
this link is broken
http://blogs.x2line.com/al/articles/146.aspx

any chance you can post the solution here?
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In .NET 2.0, Microsoft introduced the Web Site.  This was the default way to create a web Project in Visual Studio 2005.  In Visual Studio 2008, the Web Application has been restored as the default web Project in Visual Studio/.NET 3.x The Web Si…
User art_snob (http://www.experts-exchange.com/M_6114203.html) encountered strange behavior of Android Web browser on his Mobile Web site. It took a while to find the true cause. It happens so, that the Android Web browser (at least up to OS ver. 2.…
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now