SSL Login in iFrame

Posted by Karsten on Stack Overflow See other posts from Stack Overflow or by Karsten
Published on 2010-03-01T13:31:20Z Indexed on 2010/03/21 21:31 UTC
Read the original article Hit count: 601

Filed under:
|
|
|

My UI prototype requires me to show the sites login info all the time. Either I should show the usual username and password textbox or "you are logged in as". The last bit don't have to be secure, as it's only info to the user, nothing I will use server side. But the first part should send secure to the server.

It seems that I would have to use https for all pages on the site then. I would like to only use ssl for the things that are required to be secure.

One way is putting the login information into a https://../login.aspx and show it on my mainpage as an IFrame.

One disadvantage I can see is that the user won't know that https is being used, unless they read the IFrame src in the source code.

What do you think?

© Stack Overflow or respective owner

Related posts about ASP.NET

Related posts about security