Click here to Skip to main content
15,902,447 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
I'm needing to allow users that are not part of our domain to log into a web application that will need to be very secure as it will contain some patient data. I will be doing a mixed login, those on our domain will login in through our secure system (ADS authenication), but those that don't have and ADS login will need to login through another system.

I was thinking of using the .net login provided but need to know how secure it is as we will be dealing with patient information. To give a little background, I work for a university in the school of medicine department and our radiologist read at about 5 different hospitals. We are now needing to have some individuals from one of those hospitals log into a new application we are creating.

Any links about the security or any experience would be very helpful.

Thanks,
Carolyn
Posted

The control itself is neither secure or unsecure. It is the data that is transmitted that you want to be secured. Use https to make sure the connection is secure and the credentials are being transmitted encrypted.
 
Share this answer
 
Comments
deepakdynamite 15-Nov-11 8:30am    
Nice one
If you want security, then it's not the page controls that should start to worry you - it's the transfer of information between the client and the server that is the biggest risk. Unless you secure this channel (and HTTPS is a good start here) then your data is broadcast in clear across the internet.

I would strongly recommend that you talk to people within your organisation about the best approach here - taking security advice (or worse, code) from a random website such as this is a recipe for insecurity, because you do not know the source of the code, or what any side effects of it may be. This should be a problem your organisation has already met, and developed a strategy to handle.
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900