How to restrict access to pages for dynamically generated menu based on roles
-
Hi all, I have created a web control which dynamically creates menu based on the session set (ex: Session["empid"]=8} .Based on this session id the database is queried and appropriate menu items are displayed.But although the menu item link is not displayed for the user who has no authority to access a page ,if the user knows the url to a page which he is not supposed to view and types in,he can easily get access to the page .Is there any way out of this.Is there a way to dynamically configure at runtime in such a way that acess to pages for certain session id's can be restricted.Please help me out guys Thanks in advance, beadarsh
-
Hi all, I have created a web control which dynamically creates menu based on the session set (ex: Session["empid"]=8} .Based on this session id the database is queried and appropriate menu items are displayed.But although the menu item link is not displayed for the user who has no authority to access a page ,if the user knows the url to a page which he is not supposed to view and types in,he can easily get access to the page .Is there any way out of this.Is there a way to dynamically configure at runtime in such a way that acess to pages for certain session id's can be restricted.Please help me out guys Thanks in advance, beadarsh
Hi, Create a base page and inherit all your pages from that page. And in this base page implement your security logic, that the requested pageid matches with current session's employee priviliges or not, and if not then redirect him to login page or display any unauthorization message. Regards Ghuna Singh