S
Shapper
Hello,
I am developing a web site where half of the pages are public and the
other half are accessible only to registered users.
The pages which are accessible only to registered users have content
which can be visible or not according to the user access level.
I was reading the Tutorial "Role-based Security with Forms
Authentication"
http://www.devhood.com/tutorials/tutorial_details.aspx?tutorial_id=433
but I was surprised by forms authentication in ASP.Net working only in
IE.
I need my authentication system to work in Firefox to so I plan my
authentication this way:
1. Everytime a user logins and its password is successful validated the
following is done:
(a) Session("user") = Username Value
(b) A random string is generated and placed in a database field of
the user record.
(c) The same random string is placed in Session("randomstring")
2. In Page_Load of every restrict access page I check if
Session("randomstring") = Database(Random String Value) for Username in
Session("User")
If everything confirms the user can access the page and the content
is set according to its access level.
3. In Global.asax I set the database field randomstring to Something
when the application ends.
Well this is just an idea. I need an authentication system which
differentiates public and restricted pages and that uses access level to
set content.
Can you send me your opinion?
Is an easy way to do this in ASP.Net and that will work not just in IE?
Can someone help me out or give me some ideas?
Thank You,
Miguel
I am developing a web site where half of the pages are public and the
other half are accessible only to registered users.
The pages which are accessible only to registered users have content
which can be visible or not according to the user access level.
I was reading the Tutorial "Role-based Security with Forms
Authentication"
http://www.devhood.com/tutorials/tutorial_details.aspx?tutorial_id=433
but I was surprised by forms authentication in ASP.Net working only in
IE.
I need my authentication system to work in Firefox to so I plan my
authentication this way:
1. Everytime a user logins and its password is successful validated the
following is done:
(a) Session("user") = Username Value
(b) A random string is generated and placed in a database field of
the user record.
(c) The same random string is placed in Session("randomstring")
2. In Page_Load of every restrict access page I check if
Session("randomstring") = Database(Random String Value) for Username in
Session("User")
If everything confirms the user can access the page and the content
is set according to its access level.
3. In Global.asax I set the database field randomstring to Something
when the application ends.
Well this is just an idea. I need an authentication system which
differentiates public and restricted pages and that uses access level to
set content.
Can you send me your opinion?
Is an easy way to do this in ASP.Net and that will work not just in IE?
Can someone help me out or give me some ideas?
Thank You,
Miguel