Wrox Programmer Forums
|
BOOK: ASP.NET Website Programming Problem-Design-Solution
This is the forum to discuss the Wrox book ASP.NET Website Programming: Problem - Design - Solution, Visual Basic .NET Edition by Marco Bellinaso, Kevin Hoffman; ISBN: 9780764543869
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: ASP.NET Website Programming Problem-Design-Solution section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old April 19th, 2005, 04:29 AM
Authorized User
  
Join Date: Mar 2005
Posts: 36
Thanks: 0
Thanked 0 Times in 0 Posts
Default Redirecting a user after loggin in
Why doesnt ThePhile put the secure pages in the web.config like:

<location path="Checkout.aspx">
        <system.web>
            <authorization>
                <deny users="?" />
            </authorization>
        </system.web>
    </location>

And also use:
FormsAuthentication.RedirectFromLoginPage(customer Id, RememberLogin.Checked);

instead of redirecting to a default page everytime a user logs in???
 
Old April 19th, 2005, 04:41 AM
Authorized User
  
Join Date: Mar 2004
Posts: 25
Thanks: 0
Thanked 0 Times in 0 Posts
Default
There are load of different ways to use the web.config to deny access to pages. You can blanket whole directories, or individual files like you said.

As for the redirection, maybe they decided not to use it, or didnt know it was there. There are loads of descrepencies in the book from start to finish, you can tell that by the way the classes change chapter to chapter and for instance the way objects are populated changes and is not consistent. using the ASP.Net redirect is probably the best solution, problem with is, if you go straight to the login page, then the return URL queryString value does not exist, so you have to account for that.

Rob
 
Old April 19th, 2005, 10:41 AM
Authorized User
  
Join Date: Mar 2005
Posts: 36
Thanks: 0
Thanked 0 Times in 0 Posts
Default
You are right in everything u have said. As I dig deeper into the book, I also noticing a lot of descrepencies. But still authors have done a good job showing how .net works altogether.

You wrote:
"problem with is, if you go straight to the login page, then the return URL queryString value does not exist, so you have to account for that."

I also thought of this issue. I will tackle it by not sending the users directly to the login page. I will always send the users to other secure pages, such as MyAccount.aspx or Checkout.aspx, which should re-direct the user to the login page.

regards
 
Old April 19th, 2005, 07:45 PM
Friend of Wrox
  
Join Date: Jun 2003
Posts: 917
Thanks: 0
Thanked 0 Times in 0 Posts
Default
ThePhile was set up to use imperative (code) instead of declarative (config file) security. This gives the most flexibility because we are using the custom principal object from the base class.

To be fair, this design is probably overkill for the intended purpose. They wanted it to grow into something a lot larger, so sometimes the design seems bloated and inconsistant. I hope they pick up with a sequel to this book so the design can be further refined.

Eric





Similar Threads
Thread Thread Starter Forum Replies Last Post
Page Redirecting venkatagiri ASP.NET 2.0 Basics 0 June 22nd, 2006 06:17 AM
Redirecting control madkaikar_ashish General .NET 0 February 3rd, 2005 01:40 AM
Redirecting eldanh ASP.NET 1.0 and 1.1 Basics 3 August 9th, 2004 09:02 AM
Redirecting User to different pages fletched PHP Databases 1 March 29th, 2004 04:38 PM
Redirecting kend Classic ASP Basics 2 July 8th, 2003 04:15 AM




Contact Us - Wrox - Privacy Statement - Top

Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.