I have been combing through the web looking at using AJax as a means to initiate user authenication. Now i came across some pretty nifty examples but I also have ideas and also concerns in which i was hoping to get advice on....
Firstly....
I was looking at an example where the programmer used ajax along with a md5 and a "secret" to encrypt and transmit a login through a regular protocol....
I was looking at his method of "seeding" an i was wondering...
1) how effective it would be to use a "session" to be use as a method of storing seed information and to also use it to verify a user and transaction.
2) most of the tutorials simply explain the ajax login...but how effective is it when using an ajax driven application and carrying authentication information between pages?
Any links to example and tutorial information on this topic would be greatly appreciated.
Thanks
Kendall
Using Ajax for login/ authentication
Moderator: General Moderators
Re: Using Ajax for login/ authentication
There are undoubtedly some of the other Forum members who can give you better info than this, but since I see that nobody has answered you yet, let me give you my take on it. You're really talking about several separate topics, so try to keep them separate in your thinking.
1) I don't see the connection between using a session and storing seed data for an encryption alogorithm, but maybe I just don't know enough about it.
2) Ajax is nothing more or less than a means to communicate between the browser and the server without reloading the entire page, so it really has nothing to do with carrying data from one page to another.
1) I don't see the connection between using a session and storing seed data for an encryption alogorithm, but maybe I just don't know enough about it.
2) Ajax is nothing more or less than a means to communicate between the browser and the server without reloading the entire page, so it really has nothing to do with carrying data from one page to another.
- kendall
- Forum Regular
- Posts: 852
- Joined: Tue Jul 30, 2002 10:21 am
- Location: Trinidad, West Indies
- Contact:
Re: Using Ajax for login/ authentication
Weelll maybe i was a bit misleading there....but there is going to be a page to page transition but the data to be displayed (using a bit of ajax) is dependent on the user be authenticated....2) Ajax is nothing more or less than a means to communicate between the browser and the server without reloading the entire page, so it really has nothing to do with carrying data from one page to another.
thanks for the comments....i will keep up with the research
-
alex.barylski
- DevNet Evangelist
- Posts: 6267
- Joined: Tue Dec 21, 2004 5:00 pm
- Location: Winnipeg
Re: Using Ajax for login/ authentication
My only concern with AJAXied applications...
Authentication is sort of a required - requirement. So unlike adding sugar to candy via a WYSIWYG...if the user doesn't have JS enabled for some reaosn (maybe they left it disbaled during testing with FF - which I am guilty of doing numerous times and then trying to work on Facebook)...
The point is...making authenitcation dependent on JS is something you want to think of carefully (your user base mostly) before you lock yourself in.
Just my two cents.
Authentication is sort of a required - requirement. So unlike adding sugar to candy via a WYSIWYG...if the user doesn't have JS enabled for some reaosn (maybe they left it disbaled during testing with FF - which I am guilty of doing numerous times and then trying to work on Facebook)...
The point is...making authenitcation dependent on JS is something you want to think of carefully (your user base mostly) before you lock yourself in.
Just my two cents.
- kendall
- Forum Regular
- Posts: 852
- Joined: Tue Jul 30, 2002 10:21 am
- Location: Trinidad, West Indies
- Contact:
Re: Using Ajax for login/ authentication
thanks....your 2 cents is very well valued...
...you know i have always wondered about how to enable and disable JS in FF and IE...How the hell do you do that in the first place? why would you want to i the first place 
-
malcolmboston
- DevNet Resident
- Posts: 1826
- Joined: Tue Nov 18, 2003 1:09 pm
- Location: Middlesbrough, UK
Re: Using Ajax for login/ authentication
Web Developer toolbar for firefox is your 2nd best friend!kendall wrote:thanks....your 2 cents is very well valued......you know i have always wondered about how to enable and disable JS in FF and IE...How the hell do you do that in the first place? why would you want to i the first place
https://addons.mozilla.org/en-US/firefox/addon/60
-
alex.barylski
- DevNet Evangelist
- Posts: 6267
- Joined: Tue Dec 21, 2004 5:00 pm
- Location: Winnipeg
Re: Using Ajax for login/ authentication
kendall wrote:thanks....your 2 cents is very well valued......you know i have always wondered about how to enable and disable JS in FF and IE...How the hell do you do that in the first place? why would you want to i the first place
I don't general disable JS in IE - although I believe it's done inside the:
Code: Select all
Internet Options -> Security -> Custom Level -> Active Scripting (disabled)Re: Using Ajax for login/ authentication
Wow! Thanks for the reference. It looks like it will be very useful to me. It's sure comprehensive!malcolmboston wrote: Web Developer toolbar for firefox is your 2nd best friend!
https://addons.mozilla.org/en-US/firefox/addon/60