Answer

Passing/Receiving Sign-On Credentials

dotNetLearner

18y

1.7k

I am working on a project that needs to receive user-authentication credentials: could be userId or an account number from a secured (https://) website after a user has logged in and clicked on a link that will connect to my website. I am looking for the best way to do this without compromising the security of the information. I need to receive the userid / account number and pull up that user's information without signing on again on my site. One method is using a hash on the userid/account and passing that also in the querystring. The other is encrypting the whole query string with or without the hash. But, I think these can be pulled from the browser history and can be faked to get the info. How can I use a unique session id for a hand-shake and validate the request. Any ideas /techniques will be greatly appreciated.. Please help...

Next Recommended Forum

really strange problem with my MS ASP.NET software

Consuming Web Service (Dynamically Changing URL)