Hello
I'm just wondering wich might be the best practice for realizing a login
system.
At the moment im having a object of self written type 'user' wich carrys
user data like name, email and a bool for 'loggedin'. I pass this object via
session.
This brings me to the point where if have at the very top of my aspx-site a
if-statement, wich returns a "Sorry, you are not logged in!" in case of
failed login and a very large else, wich contains the whole site, in case of
success.
Beside the way I did the securtiy aspect, I really dont like to have the
whole content in a: else { .. my whole site ... }
Is there a different way wich i just dont see?
Hope you get my point.
Thx so far!
yours erich
4  1532 
Forms Authentication is your best bet.
It is easily configured in your web.config file.
Here's more information: http://www.dotnetbips.com/displayarticle.aspx?id=9
--
I hope this helps,
Steve C. Orr, MCSD, MVP http://SteveOrr.net
"Erich" <Er***@discussions.microsoft.com> wrote in message
news:BD**********************************@microsof t.com... Hello
I'm just wondering wich might be the best practice for realizing a login
system.
At the moment im having a object of self written type 'user' wich carrys
user data like name, email and a bool for 'loggedin'. I pass this object
via
session.
This brings me to the point where if have at the very top of my aspx-site
a
if-statement, wich returns a "Sorry, you are not logged in!" in case of
failed login and a very large else, wich contains the whole site, in case
of
success.
Beside the way I did the securtiy aspect, I really dont like to have the
whole content in a: else { .. my whole site ... }
Is there a different way wich i just dont see?
Hope you get my point.
Thx so far!
yours erich
"=?Utf-8?B?RXJpY2g=?=" <Er***@discussions.microsoft.com> wrote in
news:BD**********************************@microsof t.com: Beside the way I did the securtiy aspect, I really dont like to have the
whole content in a: else { .. my whole site ... }
Is there a different way wich i just dont see?
Forms Authentication... Login is already pretty much built for you in
ASP.NET : )
--
Lucas Tam (RE********@rogers.com)
Please delete "REMOVE" from the e-mail address when replying. http://members.ebay.com/aboutme/coolspot18/
Thank you!
Its not that I need to get a ready build application as soon as possible -
I`m just trying a bit with c# and asp.net.
So, Form Auth is something I`ll google for soon of course!
Beside that - if you werent using form auth, and would do it the old
fasioned way, would it be similar to my way?
"Lucas Tam" wrote: "=?Utf-8?B?RXJpY2g=?=" <Er***@discussions.microsoft.com> wrote in
news:BD**********************************@microsof t.com:
Beside the way I did the securtiy aspect, I really dont like to have the
whole content in a: else { .. my whole site ... }
Is there a different way wich i just dont see?
Forms Authentication... Login is already pretty much built for you in
ASP.NET : )
--
Lucas Tam (RE********@rogers.com)
Please delete "REMOVE" from the e-mail address when replying.
http://members.ebay.com/aboutme/coolspot18/
"=?Utf-8?B?RXJpY2g=?=" <Er***@discussions.microsoft.com> wrote in
news:5A**********************************@microsof t.com: So, Form Auth is something I`ll google for soon of course!
Beside that - if you werent using form auth, and would do it the old
fasioned way, would it be similar to my way?
There is no reason to do it any other way but forms authentication. Forms
Authentication handles session management and page security... so you don't
have to worry about it yourself. Basically is is THE way to do it in
ASP.NET.
Forms Authentication can be modified to support a variety of login types
and is quite extensible.
--
Lucas Tam (RE********@rogers.com)
Please delete "REMOVE" from the e-mail address when replying. http://members.ebay.com/aboutme/coolspot18/ This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Swartz |
last post by:
Hi all.
I'm working here on a small project of mine. I'm not new to programming, but
I'm new to PHP. You have to understand that I'm coming from C++, OOP world,
so my code might seems a little...
|
by: n33470 |
last post by:
In a desktop application, is there a best practice to implement a
check at login time to ensure that the number of active users has not
exceeded a limit?
In our application, we intend to sell...
|
by: Matt Kruse |
last post by:
http://www.JavascriptToolbox.com/bestpractices/
I started writing this up as a guide for some people who were looking for
general tips on how to do things the 'right way' with Javascript. Their...
|
by: MichaelG |
last post by:
I have a web service that talks to SQL Server 2005. At present the WS uses
an SQL Server login and password to connect.
Is this best practice or should I be running the WS under a domain account...
|
by: Ned Balzer |
last post by:
Hi all,
I am pretty new to asp.net; I've done lots of classic asp, but am just
beginning to get my mind wrapped around .net.
What I'd like to do is include some code that tests if a user is...
|
by: Ronald S. Cook |
last post by:
I have a Win app wherein users login via my interface (i.e. not via NT
Authentication). Since the User Names are like "Driver 1, Driver 2, etc.,
sometimes Driver 1 might accidentally login as...
|
by: =?Utf-8?B?Sm9l?= |
last post by:
I am working on a web app that required authentication to AD.
The authentication is working fine the way I am doing it, but
was wondering what the best practice is.
My code doesn't actually...
|
by: =?Utf-8?B?QW1tZXI=?= |
last post by:
I've read many incomplete opinions about the "Best Practice" for securely
accessing SQL but what I really need to find the "Best Practice" that fits my
applications needs.
Currently (alpha...
|
by: dharmbhav |
last post by:
Hi,
I am designing a login mechanism for a website. Presently, I am blocking the user account for 1 hour if there are 3 failed login attempts with-in 1 hour.
However, I want to know if there is...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome former...
|
by: ryjfgjl |
last post by:
In our work, we often need to import Excel data into databases (such as MySQL, SQL Server, Oracle) for data analysis and processing. Usually, we use database tools like Navicat or the Excel import...
|
by: taylorcarr |
last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: aa123db |
last post by:
Variable and constants
Use var or let for variables and const fror constants.
Var foo ='bar';
Let foo ='bar';const baz ='bar';
Functions
function $name$ ($parameters$) {
}
...
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
| |
