authorization in asp.net using sql databse
-
Hi all, I am developing a project in asp.net. After the user login i want to provide authorization . The resources/access rights are stored in sql server which maps to group/user .please suggest how do i proceed.. Authorization is required at the menus and also it must able protect the user from directly opening the pages by typing in the url. Thxs in advance
-
Hi all, I am developing a project in asp.net. After the user login i want to provide authorization . The resources/access rights are stored in sql server which maps to group/user .please suggest how do i proceed.. Authorization is required at the menus and also it must able protect the user from directly opening the pages by typing in the url. Thxs in advance
Hi,
tejesh123 wrote:
The resources/access rights are stored in sql server which maps to group/user
Create session variables each for every right (like bit 1 for authorized and 0 for not). After login check for those in database and according to that set the session variables.
tejesh123 wrote:
Authorization is required at the menus
Check for those variables while loading menu, if true then show link and otherwise.
tejesh123 wrote:
also it must able protect the user from directly opening the pages by typing in the url.
At !PostBack, check if session variables have values or not and at not, redirect to Home Page. note: create all variables in one .cs page and render that whole page as Session (eg.
SessionVariables sp = new SessionVariables(); sp = session["SessionVariables"];where session["SessionVariables"] is created in previous page likesession["SessionVariables"] = sp;) Hope this helps!!!Anand Desai Developer Atharva Infotech
-
Hi,
tejesh123 wrote:
The resources/access rights are stored in sql server which maps to group/user
Create session variables each for every right (like bit 1 for authorized and 0 for not). After login check for those in database and according to that set the session variables.
tejesh123 wrote:
Authorization is required at the menus
Check for those variables while loading menu, if true then show link and otherwise.
tejesh123 wrote:
also it must able protect the user from directly opening the pages by typing in the url.
At !PostBack, check if session variables have values or not and at not, redirect to Home Page. note: create all variables in one .cs page and render that whole page as Session (eg.
SessionVariables sp = new SessionVariables(); sp = session["SessionVariables"];where session["SessionVariables"] is created in previous page likesession["SessionVariables"] = sp;) Hope this helps!!!Anand Desai Developer Atharva Infotech
Still confused.. After i retrive the resources from sql server in string array,i need to copy it in session then i need to check whether the resources matches the arrtribute tag for the page..if yes provide the access if no otherwise but how do i at menu level(Navigation) & if any alternate mechanism at the page level Please provide a sample code
-
Still confused.. After i retrive the resources from sql server in string array,i need to copy it in session then i need to check whether the resources matches the arrtribute tag for the page..if yes provide the access if no otherwise but how do i at menu level(Navigation) & if any alternate mechanism at the page level Please provide a sample code
Instead using .NET server control for menu, use JavaScript for menu creation. It will ease checking an also provide better design with explicit css than in-built tamplets.
Anand Desai Developer Atharva Infotech
-
Instead using .NET server control for menu, use JavaScript for menu creation. It will ease checking an also provide better design with explicit css than in-built tamplets.
Anand Desai Developer Atharva Infotech
-
Hi thx for ur quick reply. but i am still a newbie,Sample code can help me in resolving a problem Waiting for reply
You can do it just simple way . Create a Default page that will display the Unauthorized User message. When you click on the link to open the page that time just simple check the roll of user, if the roles permit to access that page , navigate to that page other wise redirect to unauthorized access page. On unauthorized access page give a link to user back to the home page.
OnAdminLinkClicked() { if(Session["CurrentUserRole"].equals("Admin")) { Response.redirect("Admin.aspx"); } else { Response.Redirect("Unauthorized.aspx) } }Note: Given code is just a dummy example, not compiled and checked !!!
cheers, Abhijit
-
You can do it just simple way . Create a Default page that will display the Unauthorized User message. When you click on the link to open the page that time just simple check the roll of user, if the roles permit to access that page , navigate to that page other wise redirect to unauthorized access page. On unauthorized access page give a link to user back to the home page.
OnAdminLinkClicked() { if(Session["CurrentUserRole"].equals("Admin")) { Response.redirect("Admin.aspx"); } else { Response.Redirect("Unauthorized.aspx) } }Note: Given code is just a dummy example, not compiled and checked !!!
cheers, Abhijit
thx for the reply Well there may be more than 100+ users and more than 100+ access right and which are defined at the group level and some special at personal level.. Is it going to be optimistic solution for my problem.. Any custom methods which can be used across all the pages on the website. Also please give a solution for menu security w/o using role based security provided by asp.net
-
thx for the reply Well there may be more than 100+ users and more than 100+ access right and which are defined at the group level and some special at personal level.. Is it going to be optimistic solution for my problem.. Any custom methods which can be used across all the pages on the website. Also please give a solution for menu security w/o using role based security provided by asp.net