P
Pdub
When accessing our web sites, users must enter their smart card, type in a
PIN, and then a third party site authenticates and sets a server variable if
they are valid. My apps take this value
(request.ServerVariables("HTTP_OURUSERS")) and then compares it to values in
my database. Based on this I set the role of the user. In classic asp apps
this was pretty straight forward; I would set a session value containing the
role and then each page had an include that checked to see if a user had
permission to access this page.
I would like to take advantage of the role manager in asp.net but I am very
confused as to the best way to go about it. In the one asp.net I have done, I
had 2 roles and used the master page to allow or deny access to each page. My
new app has 4 roles and a lot more pages. Any advice on the best direction is
greatly appreciated.
PIN, and then a third party site authenticates and sets a server variable if
they are valid. My apps take this value
(request.ServerVariables("HTTP_OURUSERS")) and then compares it to values in
my database. Based on this I set the role of the user. In classic asp apps
this was pretty straight forward; I would set a session value containing the
role and then each page had an include that checked to see if a user had
permission to access this page.
I would like to take advantage of the role manager in asp.net but I am very
confused as to the best way to go about it. In the one asp.net I have done, I
had 2 roles and used the master page to allow or deny access to each page. My
new app has 4 roles and a lot more pages. Any advice on the best direction is
greatly appreciated.