how to know if a request come from internal user (employee) orexternal user (vendor)

C

Chris

Hi,

I have an extranet site (asp.net), we want that if an employee click
on the link, it will automatically get them in. But if an external
user does it, they will be redirected to a login page.

is it possible? how to know if a request come from internal user
(employee) or external user (vendor).

Thanks

Chris
 
H

Harlan Messinger

Chris said:
Hi,

I have an extranet site (asp.net), we want that if an employee click
on the link, it will automatically get them in. But if an external
user does it, they will be redirected to a login page.

is it possible? how to know if a request come from internal user
(employee) or external user (vendor).
Click to expand...

The server has no way to sense the vibes of the person whose
interactions with a computer caused it to send the server a request to
determine his status with respect to the company.

You can find out the *IP address* of the device from which the request
is coming to see if it's an intranet or Internet address. That's

Request.ServerVariables["LOCAL_ADDR"]

But since employees can and probably will access the site from outside
your intranet, and since unauthorized visitors of exactly the sort you
want to keep out of your site can sneak into your office and then gain
access from inside your intranet when no one's looking, this doesn't
really help you.

If you are absolutely certain that no non-employee will EVER access this
site from inside your office, and your employees are content to log in
when they are outside the office, then you may be all right. But if you
care about security, you won't count on it.
 
A

Andy O'Neill

Chris said:
Hi,

I have an extranet site (asp.net), we want that if an employee click
on the link, it will automatically get them in. But if an external
user does it, they will be redirected to a login page.

is it possible? how to know if a request come from internal user
(employee) or external user (vendor).

Thanks

Chris
Click to expand...
I think you can do that with membership provider, although you'll need to
write some code to extend the provider a bit.
If you set it to use activedirectory then handle those with no (valid)
active directory by making them log in.
I couldn't find a specific example but you should be more motivated in your
googling.
http://msdn.microsoft.com/en-us/library/ms998345.aspx
 
S

shusta guthnar

Chrsi,

One person would be the usual haveing talk to network persons redirect
on class C or internal address. redirected with a javascripting.

Haveing good days

Shusta
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Losing motivation, don't know how to learn. 5
How can I execute a function ONLY if fetch request returns 404 status? 0
HCaptcha - How to stop page from refreshing on submit if captcha is not checked/validated 1
Problem with a login script, SESSION user rights and put this together so it works with the other pages and MySQL. Code examples. 2
Add the value taken from the user to my range for ActiveX ComboBox 0
Hi, I am a webflow user. I am looking for CSS code that can KEEP ALL ELEMENTS POSITIONED in the SAME spot across all resolutions 0
How to effectively develop a web application from scratch? 0
How to fetch and console.log all items from an associative array 3

Members online

No members online now.
Total: 32 (members: 2, guests: 30)
Robots: 456

Forum statistics

Threads
473,768
Messages
2,569,575
Members
45,053
Latest member
billing-software

Latest Threads

Top