WebControl setting security

S

STech

Hi,

I have several aspx pages (user.aspx, admin.aspx...) that contains one
common user control (foo.ascx). Foo.ascx is responsible for checking the
roles of the user logged on and display data based on role. If a person with
only "user" access tries to access, say, admin.aspx, I want to redirect the
user to user.aspx. The problem is that, in this case, the aspx page loads
first before the foo.ascx loads.

Is there a way to force a method in foo.ascx to fire first before the aspx
page is loaded? This way I can redirect the user before the page competes
loading.

Thanks.
 
S

Steven Cheng[MSFT]

Hi Stech,

As for the Control/Page Load sequence problem you mentioned, it is the
normal behavior of the asp.net web form page. Since all the sub controls
are created after the page init and also the Page's Load event fire first
and then recursively call's the sub control's Load, we can't change this
sequence manually. As for checking roles. Is the role you mentioned the
custom roles defined in you web application? Generally , we can use
HttpModule or the Global object's Applicatoin level events to perform such
checking , those event fire event before the page is construct, you may try
doing the check there, here are some tech articles discussing on such means:

#Custom Authentication provider by implementing IHttpModule, IPrincipal and
IIdentity
http://www.codeproject.com/aspnet/AspNetCustomAuth.asp

#Role-Based Authorization With Forms Authentication
http://aspnet.4guysfromrolla.com/articles/082703-1.aspx

http://www.codeproject.com/aspnet/formsroleauth.asp

Hope helps. Thanks.

Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
 
S

Steven Cheng[MSFT]

Hi Stech,

Have you had a chance to check the suggestions in my last reply or have you
got any further progress on this issue? If there're anything else we can
help, please feel free to post here.
Thanks.


Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
 
S

Steven Cheng[MSFT]

You're welcome, Stech.

Thanks again for your posting. Have a good day!

Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Problem with a login script, SESSION user rights and put this together so it works with the other pages and MySQL. Code examples. 2
WebControl & Viewstate 4
Security Exception 0
server error on / application 3
row-level asp.net security 2
Forms Authentication Security questions... 1
Role base security and RedirectUrl 3
Security 6

Members online

Total: 33 (members: 1, guests: 32)
Robots: 354

Forum statistics

Threads
473,767
Messages
2,569,571
Members
45,045
Latest member
DRCM

Latest Threads

Top