The form-based authentication scheme works in the following manner:

* A client generates a request for a protected resource (e.g. a transaction details page).
* The Internet Information Server (IIS) receives the request. If the requesting client is authenticated by IIS, the user/client is passed on to the Web application.
* If the client does not contain a valid authentication ticket/cookie, the Web application will redirect the user to the URL where the client is prompted to enter his credentials to gain access to the secure resource.
* On providing the required credentials, the client is authenticated/processed by the Web application.

Explore More

Critical SQL Injection and XSS Vulnerability in Myanmar Engineering Society

PlanetCreator has reported another critical SQL Injection (vulnerability) on Myanmar Engineering Society Website http://www.mes.org.mm SQL injection is a code injection technique that exploits a security vulnerability occurring in the database

Read More

Cyber attacks are real but is there any foolproof defense yet?

Tulip Systems Inc., the world renowned high bandwidth and broadcast stream hosting service US corporation was under repeated cyber attacks aimed at disrupting web services during the Georgia-Russia standoff few

Read More

What are the various methods of passive OS fingerprinting?

In passive OS fingerprinting, an attacker installs a sniffer on any third party such as a router on which the victim communicates frequently. Now he studies the sniffer’s log and

Read More