i have a question about security of pages

M

miladhatam

what is the best security way to access a private page
i use session
for example
if (Session.Contents["us"].ToString() != "admin")
{
Response.Redirect("default.aspx");

}
but i know it is not safe
can you help me ?
 
M

Mark Fitzpatrick

Forms authentication works nicely and is definitely a step above using
session variables. If you're using ASP.Net 2.0, you can use the built-in
membership system in combination with Forms authentication (in 1.x you would
have to write your own routine to validate user credentials). You can then
have a web.config for the protected sub-directory that essentially says to
deny all users who don't have an authentication ticket and then forms
authentication will automatically redirect them to a place to login (which
can be the default page if you just want to hide the admin login page).
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Problem with a login script, SESSION user rights and put this together so it works with the other pages and MySQL. Code examples. 2
Search multiple pages 7
So I have (a sketch of) a universal system... 3
Please complete a task, I have one task for you 0
A website that I couldn't make a screenshot of it nor save any page from. 1
Hello everyone, thanks for creating this wonderful space! I have a beginner's question please. 0
Hello I have question for a programmer it`s regarding REDDIT but this forum is the best where to put it? 0
MDX pages not rendering in Gatsby.js 0

Members online

Total: 33 (members: 2, guests: 31)
Robots: 204

Forum statistics

Threads
473,767
Messages
2,569,570
Members
45,045
Latest member
DRCM

Latest Threads

Top