Security in ASP.Net
-
I am trying to implement security in Asp.net. I designed three pages login.aspx, WebForm1.aspx and WebForm2.aspx.. Every user should first login before accessing WebForm1.aspx and WebForm2.aspx. But my security fails when any user save the address of WebForm1.aspx and directly access it. In other word he may bypass login page. Can anyone solve this problem? thanx
-
I am trying to implement security in Asp.net. I designed three pages login.aspx, WebForm1.aspx and WebForm2.aspx.. Every user should first login before accessing WebForm1.aspx and WebForm2.aspx. But my security fails when any user save the address of WebForm1.aspx and directly access it. In other word he may bypass login page. Can anyone solve this problem? thanx
Store the login status in the session, and have every page check it and redirect to the login page if need be. I think there's actually a setting in the config file for this. Christian Graus - Microsoft MVP - C++
-
Store the login status in the session, and have every page check it and redirect to the login page if need be. I think there's actually a setting in the config file for this. Christian Graus - Microsoft MVP - C++
-
All the config file does is specify what the default page is, AFAIK. Certainly in our code, every page is derived from our custom base page class, which means the base class checks the user, and if they are not logged in, redirects to the default page. Christian Graus - Microsoft MVP - C++
-
All the config file does is specify what the default page is, AFAIK. Certainly in our code, every page is derived from our custom base page class, which means the base class checks the user, and if they are not logged in, redirects to the default page. Christian Graus - Microsoft MVP - C++
Why don't you use Forms authentication. Just add this code to your web config file. And it will do what you want.