if you're open to a slightly more complex way of doing this, using
asp.net roleproviders and membershipproviders provides a more built in,
hands off way of doing this.
here's a couple of links to get you started
http://weblogs.asp.net/scottgu/archi...13/442772.aspx - Source
Code for the Built-in ASP.NET 2.0 Providers Now Available for Download
http://www.devx.com/asp/Article/29256 - Writing A Custom Membership
Provider for your ASP.NET 2.0 Web Site
once you've set that up, in order to protect a folder in your website,
all you have to do is add this to that folder's web.config:
// ------ web.config ---------
<configuration>
<system.web>
<authorization>
<allow roles="admin"/>
<deny users="*"/>
</authorization>
</system.web>
</configuration>
that will alllow users w/ the role 'admin' and deny all the rest ...
you can also use "<users="?" />" to deny unauthorized users. we just
finished updating our website to ouse those, and it helped us strip out
a lot of ugly looking code.
Mike P wrote:
I have some code of my own where I am checking a username/password
against a database for login, I am not using any of the login controls
etc. What I want to do next is to create a folder for my admin pages
and make it only available to administrators. At login I set an int
which if an admin logs in is set to 2, otherwise it is set to 1 or 3. So
what I want to be able to do is check if this int is 2, and if so set a
global value which means that the admin pages can be viewed. How do I
do this?
*** Sent via Developersdex http://www.developersdex.com ***