Correct way to check if authenticated on each page
-
I was given the task to take several websites and add login authentication to them. Currently, they are using Apache to login then it redirects to the site if their login was valid. What I was going to do, or did, was create a login page and use their custom authenticator class (which they wanted me to use) to validate then if successful redirect to the home page...simple enough. What I have a question on is if I am using this very basic (and probably old way) of doing this, can I add a session object "Authenticate" and set it to true if success, false if not. Then on the other pages during Page_Load check this session if authenticated and if not redirect to login page? Is this valid? Seems outdated and I know I can use the new Login Controls for .Net 3.5 but wasn't sure if I could or not. They are not using Windows Authentication or anything, it's what is typed in txtbox and validated in sql. The authentication class does this. Would appreciate any suggestions on how I could validate on each page if they were logged in or not. Thanks
-
I was given the task to take several websites and add login authentication to them. Currently, they are using Apache to login then it redirects to the site if their login was valid. What I was going to do, or did, was create a login page and use their custom authenticator class (which they wanted me to use) to validate then if successful redirect to the home page...simple enough. What I have a question on is if I am using this very basic (and probably old way) of doing this, can I add a session object "Authenticate" and set it to true if success, false if not. Then on the other pages during Page_Load check this session if authenticated and if not redirect to login page? Is this valid? Seems outdated and I know I can use the new Login Controls for .Net 3.5 but wasn't sure if I could or not. They are not using Windows Authentication or anything, it's what is typed in txtbox and validated in sql. The authentication class does this. Would appreciate any suggestions on how I could validate on each page if they were logged in or not. Thanks
Hi It is valid to use session for that.
Mohammad Khansari