Microsoft KB Archive/829612

= INFO: Recommendations for Commerce Server Sites That Do Not Use the AuthFilter ISAPI Filter =

Article ID: 829612

Article Last Modified on 11/13/2003

-

APPLIES TO


 * Microsoft Commerce Server 2002 Standard Edition
 * Microsoft Commerce Server 2000 Standard Edition

-



SUMMARY
Support files for using the Microsoft Commerce Server AuthFilter Internet Server API (ISAPI) filter are included with Microsoft Commerce Server 2002, with Commerce Server 2000, and with the solution sites for Commerce Server 2002. These support files are located in a folder that is named Authfiles.



MORE INFORMATION
To avoid issuing unnecessary cookies to users, it is a good idea to make the following changes to the Login.asp file that is located in the Authfiles folder:   Comment out or delete the following line of code from the Login.asp file of any site that does not use the AuthFilter ISAPI filter: objAuth.SetAuthTicket strUserID, True, 90  If the site uses the AuthFilter filter, make sure that the site is issuing authentication tickets that are based on a GUID instead of on a user name (as in the Commerce Server Retail sample site and the Commerce Server Supplier sample site). An implementation that issues authentication tickets that are based on a GUID is preferred over an implementation that bases its authentication tickets on a user name. A GUID is a unique identifier. Therefore, it is more suitable to use as a base for an authentication ticket.



Dimitri van de Giessen, d.vd.giessen@xs4all.nl contributed to this article.

Keywords: kbinfo KB829612

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.