SSL on single page within ASP.NET application?

[Ben Fidge]

Is is possible to make just a single page within an ASP.NET application use
SSL?

I've written an e-commerce application and want to make just the checkout
page use SSL for secure transmission.

If it's not possible to do this, and I have to put the checkout page in it's
own application, what's the best way to pass data between the two
applications? If at all possible, I'd like to avoid using querystrings.

Thanks

Ben

 

[Hans Kesting]

Is is possible to make just a single page within an ASP.NET
application use SSL?

I've written an e-commerce application and want to make just the
checkout page use SSL for secure transmission.

If it's not possible to do this, and I have to put the checkout page
in it's own application, what's the best way to pass data between the
two applications? If at all possible, I'd like to avoid using
querystrings.
Thanks

Ben

Session is out: the SSL part is a different application from the non-SSL part.
(even if it's possible to have both in a single application, the *browser* treats
the SSL site as different, and will not send the session-cookie).

A shared Database is a good option, pass a GUID (difficult to guess correctly)
in the querystring to point to the correct data.

Hans Kesting

 

[Steven]

There is a great module on the code project (www.codeproject.com) called
"Secure Webpage Module". I recommend you check it out.

 

[Ben Fidge]

Hi Steve,

Couldn't find that article on CodeProject.

Thanks

Ben