I need to be able to password protect individual pages.
For instance:
/protected.aspx?id=123
/protected.aspx?id=555
Both would need to be only accessible to two different people (with their
own usr/pwd). What is the most appropriate way to handle this?
Typically, I'd use forms authentication and then protect an entire directory
within my app via the webconfig. In this case, though, I'm not protecting
specific aspx pages, but, rather, specific records in the DB retrieved on
this page.
I was thinking of having a person login, set a cookie with their their
usr/pwd in it, then on page load, check the cookie and match it to the
record I'm retrieving. If there's a match, show it, if not, redirect back to
the login page.
However, that would entail leaving a usr/pwd record in the cookie on their
machine. That seems like a security no-no.
I should mention that this is *not* a high security banking site or anything
of the sort. So, it doesn't have to be that secure...it's mainly being used
to avoid random browsing of some images. However, if I do it, I'd like to do
it 'right'. ;o)
-Darrel
1  1304 
Encrypt the username/password and store it in a cookie or even more simple:
store it in session
Shawn
"darrel" <no*****@nowhere.com> wrote in message
news:eL****************@TK2MSFTNGP02.phx.gbl...
I need to be able to password protect individual pages.
For instance:
/protected.aspx?id=123
/protected.aspx?id=555
Both would need to be only accessible to two different people (with their
own usr/pwd). What is the most appropriate way to handle this?
Typically, I'd use forms authentication and then protect an entire directory
within my app via the webconfig. In this case, though, I'm not protecting
specific aspx pages, but, rather, specific records in the DB retrieved on
this page.
I was thinking of having a person login, set a cookie with their their
usr/pwd in it, then on page load, check the cookie and match it to the
record I'm retrieving. If there's a match, show it, if not, redirect back to
the login page.
However, that would entail leaving a usr/pwd record in the cookie on their
machine. That seems like a security no-no.
I should mention that this is *not* a high security banking site or anything
of the sort. So, it doesn't have to be that secure...it's mainly being used
to avoid random browsing of some images. However, if I do it, I'd like to do
it 'right'. ;o)
-Darrel
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: nell |
last post by:
Hi all,
I've developed a testing application in python, and should supply it in
a way that no one (lets say they are regular users) will understand it
and edit it.
The application source is all...
|
by: Jonathan Henderson |
last post by:
Obfuscators aren't only used for protecting intellectual property.
See the hacker demo at this link:
http://www.preemptive.com/documentation/NetHackerDemo.html
For those who don't know what...
|
by: wallacej |
last post by:
Hi
Is there a way to protect system files, eg .ini files but still allow
access to them from C++ code?
As an example I have a settings file called SIMS.INI. This file is
often accessed...
|
by: netsurfer |
last post by:
hi..I'm working on a project that requires files to be password
protected on a UNIX based site. The people that own the web site want
to be able to change the password every so often. ...
|
by: Iain Napier |
last post by:
I'm in the middle of developing a website with a downloads section.
It's a wad of educational software for an LEA which for obvious reasons
needs password protecting. Users have to authenticate...
|
by: UJ |
last post by:
Folks,
We provide custom content for our customers. Currently we put the files on
our server and people have a program we provide that will download the
files. These files are usually SWF, HTML or...
|
by: flit |
last post by:
Hello All,
I have a hard question, every time I look for this answer its get out
from the technical domain and goes on in the moral/social domain.
First, I live in third world with bad gov., bad...
|
by: Porkie999 |
last post by:
-----------------------------------------------------------------------QUESTION
hi i am really stuck with this and its only a small problem.
i want to be able to type .........
dsfsjfjsjjfs in...
|
by: =?Utf-8?B?S2xhdXMgSmVuc2Vu?= |
last post by:
Hi
I have in the past had succes with protecting pdf-files from download by
unauthenticated users by adding an application extension in IIS and mapping
pdf.files to be served by the...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
| |
