password protecting a page

[Phil Hellmuth]

Pardon my ignorance...I'm new to .NET...but I want a user to be forced
to submit login credentials before displaying a page. Is there a quick,
easy way to do this? Don't worry about verifying the ID/PW...that's
taken care of.

Thanks in advance.

 

[David Longnecker]

If you're on an IIS box, you can turn Windows Authentication on and have
them authenticate to the domain of the server (assuming an internal application).


If you're authenticating using forms via Membership, you can add a Login
control to your page (.NET 2.0+). This control, along with a bit of connecting
via your web.config and your SQL Server, will provide authentication and
authorization functionality.

If you simply just want them to type in SOMETHING, then two text boxes and
a button with a function in the code to verify the input.

Or something else? You mention that the authentication (verifying) is taken
care of, but with no insight how... if you have a secondary user control/web
service for this, then a couple text boxes may be what you're looking for
(opting for simplicity).

HTH.

-dl

 

[Phil Hellmuth]

Thanks for your response. The purpose is to prevent unauthorized users
from seeing a particular page. My client simply wants to use hard-coded
ID/PW values. The only way to get to the page is by entering the url.
Ideally, a dialog box prompting for credentials is the way to do this,
as opposed to an additional page. Does your second paragraph accomplish
this?

 

[Lloyd Sheen]

Thanks for your response. The purpose is to prevent unauthorized users
from seeing a particular page. My client simply wants to use hard-coded
ID/PW values. The only way to get to the page is by entering the url.
Ideally, a dialog box prompting for credentials is the way to do this, as
opposed to an additional page. Does your second paragraph accomplish
this?

If you are just looking for a simple roll your own method you could check
for a session item on the page load and if it does not exist then redirect
to the logon page (which when filled in correctly would redirect them to the
page which is password protected. It would also create the session item so
that subsequent visits to the page in the session would not need to be
revalidated.

Hope this helps.

Lloyd Sheen

 

[David Longnecker]

You can use the Authentication tools built into ASP.NET to match to stored
static values, located in your web.config or a database table. Here's a
brief walkthrough provided by Peter Bromberg:

http://www.eggheadcafe.com/tutorial...33-59a0d69844e8/basics-forms-authenticat.aspx