Wrox Programmer Forums

Need to download code?

View our list of code downloads.

Go Back   Wrox Programmer Forums > ASP.NET and ASP > ASP.NET 4 > BOOK: Beginning ASP.NET 4 : in C# and VB
Password Reminder
Register
Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read
BOOK: Beginning ASP.NET 4 : in C# and VB
This is the forum to discuss the Wrox book Beginning ASP.NET 4: in C# and VB by Imar Spaanjaars; ISBN: 9780470502211
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: Beginning ASP.NET 4 : in C# and VB section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developers’ questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
Reply
 
Thread Tools Search this Thread Display Modes
  #11 (permalink)  
Old March 1st, 2012, 06:52 PM
Imar's Avatar
Wrox Author
Points: 72,045, Level: 100
Points: 72,045, Level: 100 Points: 72,045, Level: 100 Points: 72,045, Level: 100
Activity: 100%
Activity: 100% Activity: 100% Activity: 100%
 
Join Date: Jun 2003
Location: Utrecht, Netherlands.
Posts: 17,083
Thanks: 80
Thanked 1,587 Times in 1,563 Posts
Default

Then if the Employee ID is unique, why do you need to store the password?

Imar
__________________
Imar Spaanjaars
http://Imar.Spaanjaars.Com
Follow me on Twitter

Author of Beginning ASP.NET 4.5 : in C# and VB, Beginning ASP.NET Web Pages with WebMatrix
and Beginning ASP.NET 4 : in C# and VB.
Did this post help you? Click the button below this post to show your appreciation!
Reply With Quote
  #12 (permalink)  
Old March 1st, 2012, 07:18 PM
Friend of Wrox
Points: 1,905, Level: 17
Points: 1,905, Level: 17 Points: 1,905, Level: 17 Points: 1,905, Level: 17
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: May 2011
Posts: 411
Thanks: 13
Thanked 7 Times in 7 Posts
Default We are not storing the password.

We are not storing the password we are storing the EmployeeID# which the Employees are using as their password to log onto the system. The database is already set up that way. So when they log on they first log onto the network system and then they log on to the Employee Portal, which they use their names and their EmployeeID# as their passwords. Only do Administrators for each department have read, write, and delete privileges in the Employee Portal. Everybody else has just read privileges. So once they log on and use their EmployeeID#'s as passwords on the Employee Portal, from there I can I find out which department they belong to and if they are department administrators for the Employee Portal or not. The problem is we have to verify them against the Employee Database first to find out which department they belong to and then what are their user privileges and then assign that to session objects which follow them around as they navigate from webpage to webpage. Not the best way to do things, I agree but if you know or suggest a better way to do it, then I am like an Iowa cornfield: I am all ears.
Reply With Quote
  #13 (permalink)  
Old March 1st, 2012, 07:42 PM
Friend of Wrox
Points: 1,905, Level: 17
Points: 1,905, Level: 17 Points: 1,905, Level: 17 Points: 1,905, Level: 17
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: May 2011
Posts: 411
Thanks: 13
Thanked 7 Times in 7 Posts
Default Passwords

The situation is not set up like you do in your book. We don't let the employees log into the Employee Portal and set up their own passwords. Those are already provided and put in the database by the DBA. They just log in and use their Employee Names as a USERID and their EmployeeID's as their password. Then from there, I grab the EmployeeID# and put it in as parameter for a SQL query and that way I can find out which department they belong to and if they are department admins. That information then gets put into a Session object if they are department admins and if they are department admins then only certain web elements are made available to them. So in other words, if they are Admins then I do a if test and see if their session IDs say they are Admins and if they are they can see certain weblinks, buttons, drop down lists ect. Kind of similar to what you do in your book on pages 614 thru 616. I still haven't found out a way to do it differently so that you don't have to create 20 different user roles for 20 different departments other than capturing their Passwords and putting it into a parameter in a query and then finding out what department they belong to and if they are administrators or not.
Reply With Quote
  #14 (permalink)  
Old March 1st, 2012, 07:50 PM
Imar's Avatar
Wrox Author
Points: 72,045, Level: 100
Points: 72,045, Level: 100 Points: 72,045, Level: 100 Points: 72,045, Level: 100
Activity: 100%
Activity: 100% Activity: 100% Activity: 100%
 
Join Date: Jun 2003
Location: Utrecht, Netherlands.
Posts: 17,083
Thanks: 80
Thanked 1,587 Times in 1,563 Posts
Default

This is conceptually what I would do too. It makes sense to capture something unique about the user (such as a unique ID or a role / department) and use that to fire customized queries.

It's just that using the password seemed wrong to me. However, you're using the unique ID which you incidentally use as the password as well.....

Imar
__________________
Imar Spaanjaars
http://Imar.Spaanjaars.Com
Follow me on Twitter

Author of Beginning ASP.NET 4.5 : in C# and VB, Beginning ASP.NET Web Pages with WebMatrix
and Beginning ASP.NET 4 : in C# and VB.
Did this post help you? Click the button below this post to show your appreciation!
Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Chap 16 Security Question missing jkoyle BOOK: Beginning ASP.NET 4 : in C# and VB 2 November 11th, 2011 08:19 PM
Chapter 16 related question AriJay BOOK: Beginning Microsoft Visual Basic 2010 3 October 16th, 2010 12:03 PM
Chapter 16 Page 576 Question jsymons BOOK: Beginning ASP.NET 3.5 : in C# and VB BOOK ISBN: 978-0-470-18759-3 3 September 25th, 2009 03:20 AM
Security Problem(URL Authorization) A.Doroudian ASP.NET 1.0 and 1.1 Basics 0 May 31st, 2006 06:17 AM
Chapter 16 Question SomeDude BOOK: Beginning VB.NET 2nd Edition/Beginning VB.NET 2003 4 October 24th, 2005 06:13 PM



All times are GMT -4. The time now is 12:05 AM.


Powered by vBulletin®
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.