S
sjl
I'm using Forms Authentication. When I authenticate a user from a database,
I use the following line:
FormsAuthentication.RedirectFromLoginPage(parameterID.Value.ToString(),chkRemember.Checked);
where parameterID.Value is the ouput parameter from my stored proc which is
the primary key from the database of the user who logged in. That way, I
always use that key when writing back to the database for various tasks
(Page.User.Identity.Name). Is that the same value that gets evaluated in
the web.config file authorization section to allow/deny users? For example,
what user am I really looking for if I use <allow users="xxxx" /> in the
web.config file? They login using email/password, but I write the
authentication ticket using the primary key from the database.
What I'm really wanting to do is use forms auth to secure one folder for
only authenticated users. Anyone who is registered on my site and logs in
can get to all files in that folder. Additionally, I'd like to have an
administrative back-end for the site in another subfolder that will only all
myself into. Am I forced to use roles to accomplish this or can I do this
with simple web.config settings?
Thanks in advance.
sjl
I use the following line:
FormsAuthentication.RedirectFromLoginPage(parameterID.Value.ToString(),chkRemember.Checked);
where parameterID.Value is the ouput parameter from my stored proc which is
the primary key from the database of the user who logged in. That way, I
always use that key when writing back to the database for various tasks
(Page.User.Identity.Name). Is that the same value that gets evaluated in
the web.config file authorization section to allow/deny users? For example,
what user am I really looking for if I use <allow users="xxxx" /> in the
web.config file? They login using email/password, but I write the
authentication ticket using the primary key from the database.
What I'm really wanting to do is use forms auth to secure one folder for
only authenticated users. Anyone who is registered on my site and logs in
can get to all files in that folder. Additionally, I'd like to have an
administrative back-end for the site in another subfolder that will only all
myself into. Am I forced to use roles to accomplish this or can I do this
with simple web.config settings?
Thanks in advance.
sjl