ASP.Net secure Ajax authentication?

I found a way. We will use RSA for encrypting username ans password. In summery I'll have a web service that creates RSA keypair and save it (this key will be regenerated every day to be more secure).

Up vote 3 down vote favorite 2 share g+ share fb share tw.

I want to make my ASP. Net site authentication seamless using Ajax call. So I consider using client side authentication service of microsoft that should be used via HTTPS because it sends username and password in plain-text format.

And the problem is that I can't use SSL in my site. So I found a way to hash data before passing to web service that is described here but the problem is there is a salt in DB that should passed to client for creating hashed password (that equals to DB saved password). And this is not safe.

Is there a better way for doing that? Asp.net ajax web-services authentication login link|improve this question edited Jul 18 '11 at 9:03 asked Jul 18 '11 at 8:51mahdi629 56% accept rate.

I found a way. We will use RSA for encrypting username ans password. In summery I'll have a web service that creates RSA keypair and save it (this key will be regenerated every day to be more secure).

I will have a textbox or hidden field that calls this service and get the public key. The for encrypt username and password with jCryption library client side and pass this to my authentication service using ajax call. So the server will decrypt them with private key and the authenticate user.

I found a way. Check this out: Secure AJAX Authentication without SSL.

I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.