Hi
I have several web forms that require users verification by entering a code
before they are allowed in. I have created a separate web form for entering
and verifying user code. How do I incorporate this with web forms that
require security? I am very new to this and would appreciation some
clarification on how this sort of thing works in asp.net.
Thanks
Regards 6 1272
John wrote: Hi
I have several web forms that require users verification by entering a code before they are allowed in. I have created a separate web form for entering and verifying user code. How do I incorporate this with web forms that require security? I am very new to this and would appreciation some clarification on how this sort of thing works in asp.net.
There are several tutorials around, such as this one: http://www.dotnetjunkies.com/quickst...yoverview.aspx
The standard way is to put all protected aspx files in a separate
folder, and protect the folder through web.config.
ASP.NET will do most of the work then.
--
Jos
Hi
Thanks. Gives a good idea of what asp.net presents in terms of security. My
problem is much simpler. Basically it is a staff application form and we
want potential staff to call office first and get the code so we can vet
them. Nothing security critical by a long shot just to keep unqualified
people from sending in applications and wasting our time. Any possibility of
being able to do this simple user authentication? There are several forms
that need it. There is one form that handles input and verification of the
code.
Thanks
Regards
"Jos" <jn*************@fastmail.fm> wrote in message
news:%2***************@tk2msftngp13.phx.gbl... John wrote: Hi
I have several web forms that require users verification by entering a code before they are allowed in. I have created a separate web form for entering and verifying user code. How do I incorporate this with web forms that require security? I am very new to this and would appreciation some clarification on how this sort of thing works in asp.net.
There are several tutorials around, such as this one: http://www.dotnetjunkies.com/quickst...yoverview.aspx
The standard way is to put all protected aspx files in a separate folder, and protect the folder through web.config.
ASP.NET will do most of the work then.
--
Jos
Well John, with my understanding, you can use a session object to track the
user's authenticity in several pages.
on the page, user enters his credentials, set his session variable if he is
authenticated, like
Session["user"]='someValue';
Then on the page, where you need to check if the user is authenticated or
not, check the session variable you set, may be in the Page_Load() event, like
if(Session["user"]=='someValue')
{
// do whatever
}
in that way, the user wouldnt be able to anything on the page, if he doesnt
have that session variable. If he is nnot authenticated, Session["user"]
shouldnt contain any value, since you set it after the user is authenticated.
HTH
Let me knowif you have anymore questions
"John" wrote: Hi
Thanks. Gives a good idea of what asp.net presents in terms of security. My problem is much simpler. Basically it is a staff application form and we want potential staff to call office first and get the code so we can vet them. Nothing security critical by a long shot just to keep unqualified people from sending in applications and wasting our time. Any possibility of being able to do this simple user authentication? There are several forms that need it. There is one form that handles input and verification of the code.
Thanks
Regards
"Jos" <jn*************@fastmail.fm> wrote in message news:%2***************@tk2msftngp13.phx.gbl... John wrote: Hi
I have several web forms that require users verification by entering a code before they are allowed in. I have created a separate web form for entering and verifying user code. How do I incorporate this with web forms that require security? I am very new to this and would appreciation some clarification on how this sort of thing works in asp.net.
There are several tutorials around, such as this one: http://www.dotnetjunkies.com/quickst...yoverview.aspx
The standard way is to put all protected aspx files in a separate folder, and protect the folder through web.config.
ASP.NET will do most of the work then.
--
Jos
What statement do I use to redirect to login page if session page is not
set? As you can see I am very new at this.
Thanks
Regards
"KumarReddu" <Ku********@discussions.microsoft.com> wrote in message
news:82**********************************@microsof t.com... Well John, with my understanding, you can use a session object to track
the user's authenticity in several pages. on the page, user enters his credentials, set his session variable if he
is authenticated, like Session["user"]='someValue';
Then on the page, where you need to check if the user is authenticated or not, check the session variable you set, may be in the Page_Load() event,
like if(Session["user"]=='someValue') { // do whatever }
in that way, the user wouldnt be able to anything on the page, if he
doesnt have that session variable. If he is nnot authenticated, Session["user"] shouldnt contain any value, since you set it after the user is
authenticated. HTH Let me knowif you have anymore questions "John" wrote:
Hi
Thanks. Gives a good idea of what asp.net presents in terms of security.
My problem is much simpler. Basically it is a staff application form and
we want potential staff to call office first and get the code so we can vet them. Nothing security critical by a long shot just to keep unqualified people from sending in applications and wasting our time. Any
possibility of being able to do this simple user authentication? There are several
forms that need it. There is one form that handles input and verification of
the code.
Thanks
Regards
"Jos" <jn*************@fastmail.fm> wrote in message news:%2***************@tk2msftngp13.phx.gbl... John wrote: > Hi > > I have several web forms that require users verification by entering > a code before they are allowed in. I have created a separate web
form > for entering and verifying user code. How do I incorporate this with > web forms that require security? I am very new to this and would > appreciation some clarification on how this sort of thing works in > asp.net.
There are several tutorials around, such as this one: http://www.dotnetjunkies.com/quickst...yoverview.aspx The standard way is to put all protected aspx files in a separate folder, and protect the folder through web.config.
ASP.NET will do most of the work then.
--
Jos
You should not be trying to reinvent the wheel. Use forms authentication.
It will take care of all the dirty work for you. http://www.dotnetjunkies.com/quickst...formsauth.aspx
There are plenty of examples out there.
Greg
"John" <Jo**@nospam.infovis.co.uk> wrote in message
news:ue**************@TK2MSFTNGP09.phx.gbl... What statement do I use to redirect to login page if session page is not set? As you can see I am very new at this.
Thanks
Regards
"KumarReddu" <Ku********@discussions.microsoft.com> wrote in message news:82**********************************@microsof t.com... Well John, with my understanding, you can use a session object to track the user's authenticity in several pages. on the page, user enters his credentials, set his session variable if he is authenticated, like Session["user"]='someValue';
Then on the page, where you need to check if the user is authenticated or not, check the session variable you set, may be in the Page_Load() event, like if(Session["user"]=='someValue') { // do whatever }
in that way, the user wouldnt be able to anything on the page, if he
doesnt have that session variable. If he is nnot authenticated, Session["user"] shouldnt contain any value, since you set it after the user is authenticated. HTH Let me knowif you have anymore questions "John" wrote:
> Hi > > Thanks. Gives a good idea of what asp.net presents in terms of > security. My > problem is much simpler. Basically it is a staff application form and we > want potential staff to call office first and get the code so we can > vet > them. Nothing security critical by a long shot just to keep unqualified > people from sending in applications and wasting our time. Any possibility of > being able to do this simple user authentication? There are several forms > that need it. There is one form that handles input and verification of the > code. > > Thanks > > Regards > > > "Jos" <jn*************@fastmail.fm> wrote in message > news:%2***************@tk2msftngp13.phx.gbl... > > John wrote: > > > Hi > > > > > > I have several web forms that require users verification by > > > entering > > > a code before they are allowed in. I have created a separate web form > > > for entering and verifying user code. How do I incorporate this > > > with > > > web forms that require security? I am very new to this and would > > > appreciation some clarification on how this sort of thing works in > > > asp.net. > > > > There are several tutorials around, such as this one: > > http://www.dotnetjunkies.com/quickst...yoverview.aspx > > > > The standard way is to put all protected aspx files in a separate > > folder, and protect the folder through web.config. > > > > ASP.NET will do most of the work then. > > > > -- > > > > Jos > > > > > > >
Well i guess Forms Auth could solve ur problem!
GDLUCK
"Greg Burns" wrote: You should not be trying to reinvent the wheel. Use forms authentication. It will take care of all the dirty work for you.
http://www.dotnetjunkies.com/quickst...formsauth.aspx
There are plenty of examples out there.
Greg
"John" <Jo**@nospam.infovis.co.uk> wrote in message news:ue**************@TK2MSFTNGP09.phx.gbl... What statement do I use to redirect to login page if session page is not set? As you can see I am very new at this.
Thanks
Regards
"KumarReddu" <Ku********@discussions.microsoft.com> wrote in message news:82**********************************@microsof t.com... Well John, with my understanding, you can use a session object to track the user's authenticity in several pages. on the page, user enters his credentials, set his session variable if he is authenticated, like Session["user"]='someValue';
Then on the page, where you need to check if the user is authenticated or not, check the session variable you set, may be in the Page_Load() event, like if(Session["user"]=='someValue') { // do whatever }
in that way, the user wouldnt be able to anything on the page, if he
doesnt have that session variable. If he is nnot authenticated, Session["user"] shouldnt contain any value, since you set it after the user is authenticated. HTH Let me knowif you have anymore questions "John" wrote:
> Hi > > Thanks. Gives a good idea of what asp.net presents in terms of > security. My > problem is much simpler. Basically it is a staff application form and we > want potential staff to call office first and get the code so we can > vet > them. Nothing security critical by a long shot just to keep unqualified > people from sending in applications and wasting our time. Any possibility of > being able to do this simple user authentication? There are several forms > that need it. There is one form that handles input and verification of the > code. > > Thanks > > Regards > > > "Jos" <jn*************@fastmail.fm> wrote in message > news:%2***************@tk2msftngp13.phx.gbl... > > John wrote: > > > Hi > > > > > > I have several web forms that require users verification by > > > entering > > > a code before they are allowed in. I have created a separate web form > > > for entering and verifying user code. How do I incorporate this > > > with > > > web forms that require security? I am very new to this and would > > > appreciation some clarification on how this sort of thing works in > > > asp.net. > > > > There are several tutorials around, such as this one: > > http://www.dotnetjunkies.com/quickst...yoverview.aspx > > > > The standard way is to put all protected aspx files in a separate > > folder, and protect the folder through web.config. > > > > ASP.NET will do most of the work then. > > > > -- > > > > Jos > > > > > > >
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Marc Poulhičs |
last post by:
Hi,
I'm trying to build a system using HTTPS with python clients that have
to verify the server's identity. From the Python document, it seems that
the server's certificate is not veryfied, and...
|
by: |
last post by:
What is a good resource for integrating ASP applications with Active
Directory? I want pages that will allow operations on AD. A prime example is
that I want to have an ASP page that would ask...
|
by: Chris Sharman |
last post by:
I'm doing a rough validation of an email address client-side (using js),
but it's not enough - our customer service people are apparently
incapable of typing in an email address without error - we...
|
by: HD |
last post by:
Hi,
I was wondering if there is a way of verifying information that is in the
registry of the user's computer??? Or is there a way of checking if a file
is on the c:\ of the user's computer??
I...
|
by: Carter Smith |
last post by:
http://www.icarusindie.com/wiki/index.php/Server-Side_Javascript_Check
Sample source included
This method requires that your pages are PHP enabled and you have mySQL.
Although I suppose you...
|
by: Reinhold Schalk |
last post by:
Hello,
somewhere i've read that using strong names does assure two things:
1. Assure that the content of the assembly is not modified (that's ok in my
opinion)
2. Assure that the assembly is...
|
by: Bevo |
last post by:
We are developing a desktop application for a customer (VS 2003). The
customer wants us to retrieve the Windows logon information from Active
Directory, then ask the user to verify his password and...
|
by: Geisler, Jim |
last post by:
So, as far as I know, PostgreSQL does not have any way of verifying the loss
of referential integrity.
Are there any recommended methods or utilities for checking referential
integrity in a...
|
by: Thomas Hallgren |
last post by:
I'm connected to a database and I want to verify that a username and
password for some user is correct. I know I can verify a users existence
by doing:
select exists(select * from pg_user where...
|
by: aa123db |
last post by:
Variable and constants
Use var or let for variables and const fror constants.
Var foo ='bar';
Let foo ='bar';const baz ='bar';
Functions
function $name$ ($parameters$) {
}
...
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
| |