ASP.NET Folder Security

Hi,

I am developing a web application which needs different levels of
security.

- Basic browsing with name and basic profile being stored
- Changing account information e.g. address, password etc
- Buying an item from the store

I want all users to be able to do this, but I want them to have three
different login processes so that I can control the system. I want to
use forms authentication and would ideally have a web.config in a
folder for each level to control the authentication process. I know
this can't be done unless I split them into different applications.
This will however cause problems with holding sessions across the
applications etc.

If you could offer any advice I would really appreciate it.

Thanks :)

Apr 10 '06 #1
"Dave" <bu****@wizardbuy.com> wrote in message
news:11**********************@u72g2000cwu.googlegroups.com...
> Hi,
>
> I am developing a web application which needs different levels of
> security.
>
> - Basic browsing with name and basic profile being stored
> - Changing account information e.g. address, password etc
> - Buying an item from the store
>
> I want all users to be able to do this, but I want them to have three
> different login processes so that I can control the system. I want to
> use forms authentication and would ideally have a web.config in a
> folder for each level to control the authentication process. I know
> this can't be done unless I split them into different applications.
> This will however cause problems with holding sessions across the
> applications etc.
>
> If you could offer any advice I would really appreciate it.
>
> Thanks :)

Hey Dave -

After going through a similar dilemma myself, I more or less threw out Forms
Authentication. I'll add a minor gripe. Asp.Net is terrific if you're in a
cookie cutter shop. It's a nightmare if you want to do anything even
slightly out of the ordinary. All the niceties tend to work against a
proprietary solution.

I switched to a simple Session["User"] == null check. It looks like this:

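    protected void Page_Load(object sender, EventArgs e)
    {
        // No user object in the session: send the visitor to the login page
        if (Session["User"] == null)
        {
            // Return to the page that was requested (encoded for use in a query string)
            Response.Redirect("login.aspx?returnurl=" + Server.UrlEncode(Request.Url.ToString()));
            // or always return to one fixed page:
            // Response.Redirect("login.aspx?returnurl=a_very_specific_url.aspx");
        }
    }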

These lines of code occur in every page_load of every page that will be
authenticated. But it's only a few lines of code.

The login page sets Session["User"] of course. And logout sets it back to
null (or abandons the session).

This method is very simple. It has all the benefits of form authentication
without any of the application disadvantages. And it can intelligently
redirect requests. That is, if a user tries to bookmark step 4 of 5, and
return to it tomorrow, the page will still snap back to the first screen or
whatever. This is in contrast to forms authentication which returns the
user to whichever page made the unauthenticated request (without recourse).

I consider the maintenance very minor, certainly much less so than virtual
directories springing up like daisies.

HTH,
Brian
Apr 10 '06 #2
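
The session check from the reply above, extended to the three levels in the question and with the returnurl value validated before it is followed. This is an added example, not part of either post: AccessLevel, AccessGate, the level query parameter, /default.aspx and the assumption that the levels are ordered (Purchase implies Account implies Browse) are all hypothetical.

```csharp
using System;

// Added example; all type and parameter names here are hypothetical.
public enum AccessLevel { None = 0, Browse = 1, Account = 2, Purchase = 3 }

public static class AccessGate
{
    // Accept only app-relative paths, so a returnurl value supplied in the
    // query string cannot send the user to another site after login.
    public static bool IsLocalReturnUrl(string url)
    {
        if (string.IsNullOrEmpty(url) || url[0] != '/') return false;
        // "//host" and "/\host" are treated by browsers as another origin
        if (url.Length > 1 && (url[1] == '/' || url[1] == '\\')) return false;
        foreach (char c in url) if (char.IsControl(c)) return false;
        return true;
    }

    // Returns null when the level held in the session is sufficient, otherwise
    // the login URL for the required level. In Page_Load: read the level from
    // the session, call this, and Response.Redirect on a non-null result.
    public static string LoginRedirectFor(AccessLevel current, AccessLevel required, string pathAndQuery)
    {
        if (current >= required) return null;
        string target = IsLocalReturnUrl(pathAndQuery) ? pathAndQuery : "/default.aspx";
        return "login.aspx?level=" + (int)required + "&returnurl=" + Uri.EscapeDataString(target);
    }

    // What the login page does with returnurl once the login has succeeded.
    public static string AfterLogin(string returnUrl)
    {
        return IsLocalReturnUrl(returnUrl) ? returnUrl : "/default.aspx";
    }
}

public static class Demo
{
    public static void Main()
    {
        // Constructed sample requests
        Console.WriteLine(AccessGate.LoginRedirectFor(AccessLevel.Browse, AccessLevel.Purchase, "/store/checkout.aspx?item=7"));
        Console.WriteLine(AccessGate.LoginRedirectFor(AccessLevel.Purchase, AccessLevel.Account, "/account/address.aspx") ?? "(allowed)");
        Console.WriteLine(AccessGate.AfterLogin("//other.example/landing"));
        Console.WriteLine(AccessGate.AfterLogin("/account/address.aspx"));
    }
}
```

Keeping the check in one helper means every protected page makes the same decision, and the login page re-validates returnurl rather than trusting what the redirecting page put in the query string.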
