I have a Winforms application which use a login to authenticate. I also have a ASP.net web which uses the same login parameters and then save the user in session.
I want to open the web from the Winforms with the user session initialized, so the user doesn't needs to log again.
Is this possible?
With System.Diagnostics.Process.Start("http://myweb.com?login=XXX&pass=YYY") I can get the values and simulate the login event, but I don't want to pass user parameters in the URL. Any Suggestions?
The safest way to do this would be to create a token table where you generate a login token against a userid.
When opening your site open a different page ie. LoginToken.aspx and retrieve the userID from the table and save it in session. Then redirect the user to your default page.
I would not advise passing user credentials via the query string.