What is .Net?.NET is Microsoft's set of unified programming languages that allow developers to create enterprise-class Web and desktop applications across C#, VB.NET, ASP.NET and C++.NET. It includes a powerful set of libraries called the .NET Framework that makes it easier and faster to program than ever before.NOTE: If you're planning on using .NET for web development, always make sure that your web hosting provider supports IIS. It is best to choose a windows web hosting plan. |
Authentication ASP.NET_SessionID (Session) along with AuthToken (GUID) cookie Introduction ASP.NET Session keeps track of the user by creating a cookie called ASP.NET_SessionId in the user browser. This cookie value is checked for every request to ensure that the data being served is specific to that user. In many applications, a Session variable is used to track the logged in user, i.e., if a session variable exists for that user, then the user is logged in, otherwise not. Background Whenever any data is saved into the Session, the ASP.NET_SessionId cookie is created in the user’s browser. Even if the user has logged out (means the Session data has been removed by calling the Session.Abandon() or Session.RemoveAll() or Session.Clear() method), this ASP.NET_SessionId cookie and its value is not deleted from the user browser. This legitimate cookie value can be used by the hijacker to hijack the user session by g...
Comments
Post a Comment