I have a website made in ASP.NET C# with Multi User Login Functionality (Cannot share details of website due to client privacy concerns).
The passwords are stored in MS SQL Database, and checked at the time of Login using a Stored Procedure.
Recently, I received a complaint from the client that the site can be accessed without login from the login page using request capturing.
Each an every page of my site checks session for valid user.
However, I've no idea about request capturing and also I am unable to achieve the same for simulation.
If anyone knows it here, please share the details.
Project Details: Technology: ASP.NET C# WebForms Website DataBase: SQL Server 2014 Database access mode: Microsoft Enterprise Library - using Stored Procedures.
Can someone around here explain what is Request Capture, so that I would better be able to navigate the issue
Aucun commentaire:
Enregistrer un commentaire