FormsAuthentica tion - Roles

Peter Morris [Air Software Ltd]

Hi

I validate the username/password and then execute the following code

System.Web.Secu rity.FormsAuthe ntication.Redir ectFromLoginPag e(
authorId, RememberCheckBo x.Checked
);

One folder I want to restrict to anyone logged in.....

<location path="Members">
<system.web>
<authorizatio n>
<deny users="?"/>
</authorization>
</system.web>
</location>

On another folder I want to restrict access only to a member which has
"IsAdministrato r" set to True in the database.

<location path="Admin">
<system.web>
<authorizatio n>
<deny users="*"/>
<allow roles="Admin"/>
</authorization>
</system.web>
</location>

Is this correct? How do I tell FormsAuthentica tion that the current user
has the Admin role?

Thanks
--
Pete
====
Read or write articles on just about anything
http://www.HowToDoThings.com

My blog
http://blogs.slcdug.org/petermorris/

Nov 19 '05 #1

Subscribe Reply

974

Saravana

Check out this article,

How To Implement Role-Based Security with Forms-Based Authentication in Your
ASP.NET Application by Using Visual Basic .NET
http://support.microsoft.com/default...b;EN-US;306238

--
-Saravana
http://dotnetjunkies.com/WebLog/saravana/
www.ExtremeExperts.com

"Peter Morris [Air Software Ltd]" <pe**********@g uess.co.uk> wrote in
message news:em******** *****@TK2MSFTNG P14.phx.gbl...

Hi

I validate the username/password and then execute the following code

System.Web.Secu rity.FormsAuthe ntication.Redir ectFromLoginPag e(
authorId, RememberCheckBo x.Checked
);

One folder I want to restrict to anyone logged in.....

<location path="Members">
<system.web>
<authorizatio n>
<deny users="?"/>
</authorization>
</system.web>
</location>

On another folder I want to restrict access only to a member which has
"IsAdministrato r" set to True in the database.

<location path="Admin">
<system.web>
<authorizatio n>
<deny users="*"/>
<allow roles="Admin"/>
</authorization>
</system.web>
</location>

Is this correct? How do I tell FormsAuthentica tion that the current user
has the Admin role?

Thanks
--
Pete
====
Read or write articles on just about anything
http://www.HowToDoThings.com

My blog
http://blogs.slcdug.org/petermorris/

Nov 19 '05 #2

Peter Morris [Air Software Ltd]

Hi

Thanks for the link.

Application_Aut henticateReques t

Does this event get called only once when the user logs in, or every time a
page is requested for which the user must be authenticated?

If it is only called once, do the roles get stored in the persistent cookie,
or on the server somewhere?

Finally, if the roles are on the server, and the user comes back with a
persistent cookie 6 months later, is this event triggered again so that the
roles may be established?

Thank you for your help.
--
Pete
====
Read or write articles on just about anything
http://www.HowToDoThings.com

My blog
http://blogs.slcdug.org/petermorris/

Nov 19 '05 #3

Saravana

This event fires for every request. You can check out this link for more
details,
http://msdn.microsoft.com/msdnmag/is...2/default.aspx

--
Saravana
http://dotnetjunkies.com/WebLog/saravana/
www.ExtremeExperts.com
"Peter Morris [Air Software Ltd]" <pe**********@g uess.co.uk> wrote in
message news:ua******** *****@TK2MSFTNG P14.phx.gbl...

Hi

Thanks for the link.

Application_Aut henticateReques t

Does this event get called only once when the user logs in, or every time a page is requested for which the user must be authenticated?

If it is only called once, do the roles get stored in the persistent cookie, or on the server somewhere?

Finally, if the roles are on the server, and the user comes back with a
persistent cookie 6 months later, is this event triggered again so that the roles may be established?

Thank you for your help.
--
Pete
====
Read or write articles on just about anything
http://www.HowToDoThings.com

My blog
http://blogs.slcdug.org/petermorris/

Nov 19 '05 #4

Similar topics

1828

FormsAuthentication.SignOut not working

by: Ed West | last post by:

Hello This SignOut code is not working, any ideas? TIA. public class logout : System.Web.UI.Page { private void Page_Load(object sender, System.EventArgs e) { FormsAuthentication.SignOut(); Response.Redirect ("default.aspx"); } ....

ASP.NET

348

FormsAuthentication.SignOut not working

by: Ed West | last post by:

Hello This SignOut code is not working, people are still logged in after it redirects to default.aspx. any ideas? Thanks. public class logout : System.Web.UI.Page { private void Page_Load(object sender, System.EventArgs e) { FormsAuthentication.SignOut(); Response.Redirect ("default.aspx"); }

ASP.NET

1940

DESPERATE: FormsAuthentication Problem

by: Jeff B | last post by:

I am having a very perplexing problem with setting the user's roles. I have tried to figure this out for 2 days now. When the user logs in to the site, I retrieve the roles from the database and create a semicolon delimited string listing the roles returned and store them in the forms authentication cookie. Then in the global.asax Application_AuthenticateRequest, I retrieve the FormsAuthenticationTicket from the forms authentication...

ASP.NET

1981

FormsAuthentication works as expected on a couple older websites, but not the same on a new website...

by: Dean R. Henderson | last post by:

I setup FormsAuthentication on a couple websites where it has been working as expected for a long time. I used this code to setup the same type of authentication on a new website I am working on and the Cookie Name is not getting setup the same way. In my Web.config file, I use the following basic settings on both the old and new websites: <authentication mode="Forms"> <forms name="SiteAuth" loginUrl="Logon.aspx" protection="All"

ASP.NET

8428

Changing the language in Windows 10

by: Hystou | last post by:

Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...

Windows Server

8953

Problem With Comparison Operator <=> in G++

by: Oralloy | last post by:

Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...

C / C++

8854

Maximizing Business Potential: The Nexus of Website Design and Digital Marketing

by: jinu1996 | last post by:

In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...

Online Marketing

8704

Discussion: How does Zigbee compare with other wireless protocols in smart home applications?

by: tracyyun | last post by:

Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...

General

6264

Access Europe - Using VBA to create a class based on a table - Wed 1 May

by: isladogs | last post by:

The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...

Microsoft Access / VBA

4253

Trying to create a lan-to-lan vpn between two differents networks

by: TSSRALBI | last post by:

Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...

Networking - Hardware / Configuration

4448

Windows Forms - .Net 8.0

by: adsilva | last post by:

A Windows Forms form does not have the event Unload, like VB6. What one acts like?

Visual Basic .NET

2849

transfer the data from one system to another through ip address

by: 6302768590 | last post by:

Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system

C# / C Sharp

2104

How to add payments to a PHP MySQL app.

by: muto222 | last post by:

How can i add a mobile payment intergratation into php mysql website.

PHP