ASP Login Page

[A P]

Hi!

I have existing login page that will check accounts table from my database
if the user is allowed to log on to the system. I use session to save user
variable. Every page that I will make, I always ask if the session where I
save the user variable exist, and if not, it will redirect to login page. Is
the the best way to control a web application using ASP. If not, can you
give me your thoughts?

regards,

Me

 

[Bob Barrows [MVP]]

Hi!

I have existing login page that will check accounts table from my
database if the user is allowed to log on to the system. I use
session to save user variable. Every page that I will make, I always
ask if the session where I save the user variable exist, and if not,
it will redirect to login page. Is the the best way to control a web
application using ASP. If not, can you give me your thoughts?

Sounds good to me. Do you have any specific concerns?

You should use an include page to check if the user is logged in. it will
save you some typing.

Bob Barrows

 

[A P]

Hi Curt,
is there any other method doing this since this method is only done my me.

Me

 

[Jeff Cochran]

is there any other method doing this since this method is only done my me.

Windows accounts. But that uses client licenses and is impractical in
many internet apps. Or ASP.NET options which improve on security
models.

FWIW, many apps do exactly as you have mentioned. You have issues
with maintaining sessions in clustered environments, and session
timeouts, but those won't affect most apps.

Jeff

 

[Ken Jenkins]

there is some good stuff here
http://www.aspin.com/home/webapps/usermanage