I have been exploring ways in 7.x DNN for webforms .net 3.5 of a secondary app to use the logged in user for dnn (current user).
Right now we are using iframe module and putting the userid on the querystring to our inhouse application. For security reasons I like to get this out of the querystring. It is easily hackable as I was able to do hack it myself.
How does DNN keep track of the user from page to page? Is it in a cookie? on the querystring?
I was thinking if it was in a cookie I could read it in my application.
If not a cookie and querystring I could possibly do a web service of my own from server side to pass the logged in user.
These are just things I am spit balling.
Any other ideas are greatly appreciated. the secondary application is rather big so making it a dnn module really is not feasible at this point.