Home/ Questions/Q 7598011
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-30T22:18:10+00:00

I’m writing an application which displays a login form before it loads, and it

  • 0

I’m writing an application which displays a login form before it loads, and it sends a POST request to a web application which I previously developed.

I can send login details off and get returned a 200 message and can recieve data within that request. However I now wish to store this login after the application has closed, to allow the user to not have to login every time they open the application, or in this case when the computer is restarted. (It will run at boot however needs to maintain an application and not a WCF service)

I’m using HTTPWebRequest in C# to handle POST requests to the server, and I can make cookies on the server side. How do I let my application know about these cookies and store them in a secure way to allow persistent login for my entire application? I’ve looked at a number of ways to store cookies in C# such as these two links:

http://www.c-sharpcorner.com/uploadfile/mahesh/managing-cookies-in-a-wpf-application/

http://msdn.microsoft.com/en-us/library/dd920298(v=vs.95).aspx

However the code in the first link gave me an odd cookie:

“CSCUser2=test-username; android_developer_C:_width=243px; __utma=1.1718972007.1316996246.1316996246.1316996246.1; __utmz=1.1316996246.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); android_developer_reference_lastpage=/C:/AndroidSDK/android-sdk-windows/docs/reference/android/speech/RecognizerIntent.html”

So I’m not sure if that approach is best? Any pointers would be appreciated.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I think the CookieContainer (i.e. the MSDN link) is the correct way to set and get cookies (By the way: note that your question has nothing to do with wpf or mvvm patter. It is a general c# /.net/httpwebreuqest topic).

    As for caching credentials on the user machine which can be used in subsequent sessions – there are several ways to do this. You can either store the user password in a secure location, or you can store a session key sent to you from the server. The advantage of the second method is that the session key is limited in time (e.g. one week), and after that they user will have to perform a new login. The session key can be delivered to you from the server out of band as a cookie, or with a specific API. Web applications are using cookies because they have no access to any persistent store, but your wpf application can store the password or the session key anywhere it wants.

    I recommend you use the DPAPI to persist secrets on the user computer. Google for c# and DPAPI to see how to do it in .net.

    • 0