Wrox Home  
Search P2P Archive for: Go
Shopping CartView Cart  |  My Account  |  Support
Home Browse Titles

P2P Archives
 

Archive Index
Back to Active P2P Forum

 


Wrox Chapters on Demand - Download the chapters you need and take them on the go!
Wrox First - Instant Access online to new Wrox books

New Titles for ASP.NET

Cover image for product 0470391847
Jumping from ASP to ASP.NET
Cover image for product 0470286652
ASP.NET AJAX Control Development with Visual Studio 2008 and .NET 3.5 Framework
Sign Up for the Free Wrox Newsletter
  Return to Index  

aspx thread: .Net "Forms" security

Message #1 by <wrox@d...> on Thu, 30 Aug 2001 18:35:55 +0100
Hi,

 

I am trying to get the "Forms" based"  Security" to work but am I

correct in assuming that I have to explicitly refer the User in order to

protect the page?

 

i.e something like this in the page load

 

                  string Security 

Context.User.Identity.Name.ToString();

                  if (Security=="") 

                  {

                        Response.Redirect("login.aspx");

 

                  }

 

I thought the path attribute of the forms node in config web would

automatically protect a whole directory but this does not seem the case.

 

Any help appreciated.

 

David
Message #2 by "Balajewicz, Greg" <Greg.Balajewicz@A...> on Thu, 30 Aug 2001 13:51:08 -0500
David,



Search the freeforall and aspngsec groups on this subject. There was a lot

of info on the matter lately. You will surely find what you are looking for.





> -----Original Message-----

> From: wrox@d... [mailto:wrox@d...]

> Sent: Thursday, August 30, 2001 1:36 PM

> To: ASP+

> Subject: [aspx] .Net "Forms" security

> 

> 

> Hi,

>  

> I am trying to get the "Forms" based"  Security" to work but am I

> correct in assuming that I have to explicitly refer the User 

> in order to

> protect the page?

>  

> i.e something like this in the page load

>  

>                   string Security 

> Context.User.Identity.Name.ToString();

>                   if (Security=="") 

>                   {

>                         Response.Redirect("login.aspx");

>  

>                   }

>  

> I thought the path attribute of the forms node in config web would

> automatically protect a whole directory but this does not 

> seem the case.

>  

> Any help appreciated.

>  

> David

> 

>
Message #3 by "Mats Boberg" <mats.boberg@n...> on Fri, 31 Aug 2001 08:59:20 +0200
The best site ever about coding web .net applications is www.ibuyspy.com



In their source code you can read how it shall be done.



1. Add a element in web.config describing what kind of security you want and

a login page that will come up when a user is not authenticated.



2. Do a check against a userdatabase. If user is authenticated write a

cookie.



3. If you want user roles, you can add them to context object and then check

the users roles with bool Context.User.IsInRole("Admin")



I hope you got some leads...







-----Original Message-----

From: David Higgins [mailto:david@h...]

Sent: den 30 augusti 2001 19:36

To: ASP+

Subject: [aspx] .Net "Forms" security





Hi,



I am trying to get the "Forms" based"  Security" to work but am I

correct in assuming that I have to explicitly refer the User in order to

protect the page?



i.e something like this in the page load



                  string Security 

Context.User.Identity.Name.ToString();

                  if (Security=="")

                  {

                        Response.Redirect("login.aspx");



                  }



I thought the path attribute of the forms node in config web would

automatically protect a whole directory but this does not seem the case.



Any help appreciated.



David

  Return to Index  
About Wrox  |  Contact Us  |  Subscribe to an RSS Feed of New Wrox Titles
Copyright © 2000-2004 by John Wiley & Sons, Inc. or related companies. All rights reserved. Please read our Privacy Policy