Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Form Based Authentication

 
Ayman Nour
Greenhorn
Posts: 9
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello,
in the Exam study kit, it mentioned that one of the disadvantages of using FORM-based authentication is that it should be used only when a session is maintained using cookies or HTTPS.
I don't really get the reason behind this. can some one clarify it for me?
Thank You All
Ayman Nour El Din
 
ravi janap
Ranch Hand
Posts: 389
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello Ayman
It is a good question. The only answer which I can think of is that the user's user id and password information should be encrypted by HTTPS protocol when it is transmitted over internet so it can be a disadvantage as one would need a certificate from a certificate authority such as verisign and HTTPS is costly.
But why form based authentication needs session management using cookies???
Thanks
Ravi
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic