Newbie question

R

RD

I have a login which does a lookup in a Sql server table to check for valid
usernames and password. Then if login is Ok user allowed to go to next page
by using a response.redirect. Once on the next page he can continue using
site.

Question is how do I prevent a user from copying a URL from the explorer and
copying that address to a browser and then go directly to that page,
bypassing the login page?

I need to use SQL server based login because it is easier for the users to
maintain that list with a simple User Interface than it is to have them
understand the ins and outs of Windows security and groups. most of my
customers are small buisnesses with no budgets for training or hiring system
admins so I gotta KISS - (keep it simple stupid) :)

Thanks for any help

RD
 
B

Brock Allen

You need to authenticate the user on every request. It sounds like you want
to use FormsAuthentication which is a mechanism of issuing a cookie to the
user to identity them. Then there's a declarative syntax you can specify
in your web.config to control access. This is nice so you don't have to manually
code the access check in every page. Here's a link on Forms Authentication
to get you started:

http://msdn.microsoft.com/library/d...uide/html/cpconSimpleCookieAuthentication.asp

and

http://www.dotnetjunkies.com/QuickS...px?url=/quickstart/aspplus/doc/formsauth.aspx
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top