How do I prevent users from viewing a webpage directly by typing in its URL?

Discussion in 'ASP .Net' started by swbaz, Aug 12, 2003.

  1. swbaz

    swbaz Guest

    What is an effect way to prevent users from viewing a webpage directly by
    typing in its URL?

    For example: If a default page is set up as a login screen with user name
    and password.

    The user types in correct information and clicks the submit button.

    The next webpage comes up, displaying its URL. So what's to stop the user
    bypassing the login screen next time around? I would like to show an access
    denied message if this happens. Any suggestions?

    S
     
    swbaz, Aug 12, 2003
    #1
    1. Advertising

  2. "swbaz" <> wrote in message
    news:%...
    > What is an effect way to prevent users from viewing a webpage directly by
    > typing in its URL?
    >
    > For example: If a default page is set up as a login screen with user name
    > and password.
    >
    > The user types in correct information and clicks the submit button.
    >
    > The next webpage comes up, displaying its URL. So what's to stop the user
    > bypassing the login screen next time around? I would like to show an

    access
    > denied message if this happens. Any suggestions?


    You should look into Forms Authentication.

    Otherwise, the only way to control what the user does in the browser is to
    write your own browser.
    --
    John Saunders
    Internet Engineer
     
    John Saunders, Aug 12, 2003
    #2
    1. Advertising

  3. Personally...

    I have all of my aspx.vb pages derive themselves from a general template.
    Now I know this isn't what you're asking, but in the template I have a few
    public properties, one of them being AccessLevel. So basically, on each aspx
    page, I define the access level and then it checks it based on user session
    info. here is an example...

    Private _accessLevel As String = "Not Set"

    Public Property AccessLevel(ByVal pageLevel As String)

    Get

    Return _accessLevel

    End Get

    Set(ByVal Value)

    _accessLevel = pageLevel

    Select Case _accessLevel

    Case "General"

    'do nothing, no access needed

    Case "User"

    If Not Session("UserLoggedIn") Then

    Response.Redirect("default.aspx")

    End If

    End Select

    End Set

    End Property



    and then from each page in the Page_Load I say:

    Me.AccessLevel="General" or "User" or "Admin" and that restricts the page
    each time it is accessed!


    "Marc" <> wrote in message
    news:...
    > You could use the Session_Start subroutine in Global.asax
    >
    > Sub Session_Start(ByVal sender As Object, ByVal e As EventArgs)
    > ' If the Session variable User is defined, then we can assume the
    > user has logged in.
    > ' Otherwise, redirect to the Login.aspx page (assumed to be in the
    > root folder).
    >
    > If Session("User") Is Nothing Then
    > Response.Redirect("/" & Request.Url.Segments(1).ToString &
    > "Login.aspx", True)
    > End If
    > End Sub
    >
    > "swbaz" <> wrote in message
    > news:%...
    > > What is an effect way to prevent users from viewing a webpage

    > directly by
    > > typing in its URL?
    > >
    > > For example: If a default page is set up as a login screen with user

    > name
    > > and password.
    > >
    > > The user types in correct information and clicks the submit button.
    > >
    > > The next webpage comes up, displaying its URL. So what's to stop the

    > user
    > > bypassing the login screen next time around? I would like to show

    > an access
    > > denied message if this happens. Any suggestions?
    > >
    > > S
    > >
    > >

    >
    >
     
    Jordan Marton, Aug 13, 2003
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. vips
    Replies:
    4
    Views:
    462
    darrel
    Mar 31, 2005
  2. veera maria
    Replies:
    4
    Views:
    478
  3. jonesy
    Replies:
    0
    Views:
    555
    jonesy
    Oct 26, 2006
  4. JimLad
    Replies:
    0
    Views:
    499
    JimLad
    Jan 26, 2010
  5. thunk
    Replies:
    1
    Views:
    315
    thunk
    Mar 30, 2010
Loading...

Share This Page