473,857 Members | 1,748 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

ASP.NET security: custom login check

5 New Member
Hi

I'm new to ASP.NET (from classic ASP) and wasn't aware of the Forms Authentication security when I started working on a website. So I built a login page that stores a CustomUser object in the Session, and then I put a login check in the Master Page codebehind, Page_Load event, which redirects to the Login.aspx if the login check fails.

I realise NOW that I should have gone th Forms Authentication (using web.config) route, but I dont have the time to change this now - I have to deliver the website today. I can come back later and change this.

So FOR THE TIME BEING, how can I get my custom security system to work?

The problem is, I have just put some code that uses the Sessions CustomUser object - into the Page_Load event on one of my access-restricted pages. But now I see that the Page_Load event of the content page fires BEFORE the Master page login check. I tried moving the login check to the Init event of the Master Page, but the content page's Page_Load event still got executed.

So I guess what I'm asking is, how do I (and where do I) add code that can check a Session object, and can then redirect the user WITHOUT executing the rest of the Page_Load (or any other such events)?

Much appreciated.
Sean
Mar 14 '08 #1
0 961

Sign in to post your reply or Sign up for a free account.

Similar topics

12
2613
by: Angelos Karantzalis | last post by:
Is there a way to set Permissions based on user roles by using some configuration file for my application ? I'm coming from a Java background, where that could very easily be accomplished but although I've searched around MSDN I can't find a clear answer to this ... Thanks a lot guys, Angel
1
1050
by: Big E | last post by:
I'm using ASP.Net Form Security. I have a login page and a redirect page etc... What I want to do is setup some type of anti-dictionary hack code. If someone tries to login unsuccessfully 7 times I want to send them a custom error page. I'm not sure of the best way to check if they had tried to login 7 times. Do I need to store in a database. I can't use session variables because I have various apps on various servers. Can I create some...
4
1177
by: Alexey Smirnov | last post by:
I have intranet application based on ASP.NET on Win2000AS (Framework 1.1). Website uses an Integrated Windows Authentication as Authentication method in IIS and has following security configuration in the web.config ------------------------------------------ <identity impersonate="false" /> <authentication mode="Windows" /> <authorization>
2
1184
by: roy anderson | last post by:
Hey all, I'm not new to web development, but totally clueless regarding web security/logins and such. I have a website which requires users to login, checks their info against a SQL Server backend, then saves their login as a session variable. As they browse through the various pages of the site, each page checks to see if the Session variable exists/is not null, etc. If the check fails, the page redirects them to the login form. ...
1
2671
by: Friends | last post by:
Hi I need to set security for row level but not based on Database user's login. It should be based on the user table login. For the particular user I need to allow only the particular records to access insert, update delete and select. Let me explain clearly For example think we are using asp/asp.net website
2
1939
by: Nosferatum | last post by:
This script is meant to limit access by sessions, using username and password from mysql db and redirect users after login according to a given value belonging to each user in the db (10,20,30,40). (the included config is just server settings, the login is just a login form). The script appear to connect but will not redirect users, it seems that even with correct login details, it won't validate.
3
2002
by: Smokey Grindle | last post by:
I want to make a security system in my webservice similar to the one that reporting services uses it has a logon user and logoff user web method... when you log on it logs you into a session and maintains your logged in status until you log off or timeout... I dont want to have to pass username/pass back and forth each time I call a method... I want to use sessions and I need a custom authentication and authorization method for our service...
4
1929
by: jobs | last post by:
Hello. If my users are logged in, and try to access restricted pages I want to direct them to a custom 403 page. If they are not logged in, I would like to continue to direct them to the login page as is currently happening. Curently, they always direct to the Login page in both cases, which i think is confusing.
2
7675
by: Ken Fine | last post by:
I want to add the security question and answer security feature to the ChangePassword control. I am aware that this functionality is built into the PasswordRecovery tool. I have implemented the PasswordRecovery with a Password reset required; a temporary password is sent to the account on file. I want an extra layer of security to accommodate the very unlikely contingency that someone's e-mail account is compromised. Challenging with the...
0
9923
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
0
9768
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
0
11083
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
1
10808
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
0
10394
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
0
9549
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
0
5774
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
1
4592
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
3
3215
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.