473,385 Members | 1,185 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > .net framework > questions > c# - hey, asp.net authentication/security

Join Bytes to post your question to a community of 473,385 software developers and data experts.

C# - Hey, ASP.NET Authentication/Security

joedeene
583 512MB
Hello,

I am fairly new to ASP.NET because I just finished configuring my IIS server to host it, not too long ago. Now to the problem, I want a secure way to log into the site, possibly without the use of SQL because I haven't configured that yet, or have no experience. But, I don't understand how to have a custom "Forms" Authentication and how it works, or even using "Windows" authentication with asp.net.

Basically, I want to make a web page kind of like a blog, and I want to be able to log in securely and I, being the Admin, can change/add/delete blogs. Any Ideas? Currently I'm using the StreamWriter and StreamReader objects to write to the server. But, step one is creating a secure log in.

joedeene
Nov 16 '08 #1
5 1362
Frinavale
9,735 Expert Mod 8TB
Since it's only going to be you logging into the system I would specify your user account information in your web.config file and use Forms Authentication. You can also specify which pages are restricted and which are publicly accessible in your web.config file.

Check out MSDN for more information on how to implement simple Forms Authentication. It wouldn't hurt to also check out Forms Authentication Explained.

There are a bunch of patterns mentioned in the MSDN library on how to secure your applications.

-Frinny
Nov 17 '08 #2
Plater
7,872 Expert 4TB
Depending on your needs Windows Authentication can be very usefull.
For instance, my website is hosted on a computer within our company domain. I used lose windows authentication to allow any valid domain user (any user who has crednetials to log into our custom domain) to be able to view the site.
So anyone correctly logged on to their computer on the domain, can just use the webpage like their was no security, but if someone from outside the domain tries, they are prompted for a username/password. If I were say, working at home, I could acess the webpage and input my username/password (like I would to log onto my computer) and it will let me access the webpage.
If you are not on a domain, the valid user accounts for windows authentication will be limited to those on the server computer.

Frinny(I think) posted a link to a video tutorial a long time ago on how to deal with logon situations on a website that was really good at walking you through stuff.
That is how I did mine. I am looking for the link.
http://www.asp.net/learn/security-videos/
Nov 17 '08 #3
Frinavale
9,735 Expert Mod 8TB

Frinny(I think) posted a link to a video tutorial a long time ago on how to deal with logon situations on a website that was really good at walking you through stuff.
That is how I did mine. I am looking for the link.
http://www.asp.net/learn/security-videos/
I did but Joedeen asked for a way to do it without using SQL and that video gives an example of setting up Forms Authentications, Membership, and Role Management using SQL Server as it's backbone. Here's a link to the video if you're interested.
Nov 17 '08 #4
Plater
7,872 Expert 4TB
Huh. Maybe I watched the wrong video then, because I don't use SQL for the backend at all.
Nov 17 '08 #5
joedeene
583 512MB
Well, I've worked with authentication using the web.config XML file, it's pretty interesting but I can't figure out how to add a user, but I figured I might as well go with SQL. The reason I didn't want to use SQL is because I'm running my server off of a Virtual PC, and I thought it would be difficult to put the data onto the guest machine from the one I have VWD 2008 and SQL Server installed. So, I just installed those programs on my guest machine(the server).

I will now follow SQL tutorials and I'm sure it will be much more secure and even easier to add users.
Nov 27 '08 #6

Sign in to post your reply or Sign up for a free account.

Similar topics

6
Secure and Unsecure Web Directories using Forms Authentication
by: Billy Jacobs | last post by:
I have a website which has both secure and non-secure pages. I want to uses forms authentication. How do I accomplish this? Originally I had my web.config file in the root with Forms...
.NET Framework
3
Combine Forms Authentication with Windows
by: Nick | last post by:
I am working a new application...well actually a series of applications for my company. They want internal users to be able to go to a site and everything regarding security is transparent,...
.NET Framework
1
how to avoid authentication
by: Konrad | last post by:
Hi All users should authenticate to reach some page. How to avoid this for some users. Thanks Konrad
ASP.NET
2
ASP.NET + SQL Server Windows authentication
by: Lior Amar | last post by:
Hey All, Trying to understand why I can not get SQL server to trust my IIS server. I have two machines set up, 1 App and 1 DB, and I'm trying to validate the applications access to the DB server...
ASP.NET
0
ASP.NET Forms Authentication Best Practices
by: Anonieko Ramos | last post by:
ASP.NET Forms Authentication Best Practices Dr. Dobb's Journal February 2004 Protecting user information is critical By Douglas Reilly Douglas is the author of Designing Microsoft ASP.NET...
ASP.NET
4
Intranet and Integrated Windows Authentication
by: Andrew | last post by:
Hey all, I would like to preface my question by stating I am still learning ASP.net and while I am confident in the basics and foundation, the more advanced stuff is still a challenge. Ok....
ASP.NET
4
Authentication problem for roles based
by: Chris Gatto | last post by:
Hi, I'm having what should be a minor problem but has turned into a 2 day slug fest with ASP.Net. I am simply attempting to authenticate my asp.net application users against users in an AD...
ASP.NET
7
Windows authentication from ASP.net application to Sql Server
by: Alice Wong | last post by:
I am setting up my Web ASP.net application to connect to Sql server using windows authentication. I set up IIS to have integrated windows authenication and sql to allow Windows authentication....
ASP.NET
2
client authentication
by: Frank Swarbrick | last post by:
I am trying to understand "client authentication" works. My environment is DB2/UDB LUW 8.2 on zSeries SLES9 as the database server and DB2 for VSE 7.4 as the client. We currently have DB2/LUW set...
DB2 Database
4
Forms authentication vs session variable
by: Bjorn Sagbakken | last post by:
In a web-application with login creds (user, pwd), these are checked against a user table on a SQL server. On a positive validation I have saved the userID, name, custno and role-settings in a...
ASP.NET
0
One-click Importing Excel Data into a*Database
by: ryjfgjl | last post by:
In our work, we often need to import Excel data into databases (such as MySQL, SQL Server, Oracle) for data analysis and processing. Usually, we use database tools like Navicat or the Excel import...
Microsoft Excel
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!