What is the best approach to verify a user?

[Guest]

Hi, friends,

I keep wondering if there is a better way to verify a user. Now, in my
asp.net app, each time a user signed in, I saved his/her userID in Session
object. In each following pages, I check if this userID exist in Session. If
yes, I consider it is a valid user, otherwise, I ask this to log in again.

But, I wonder if there is a better, affordable, easy way to validate a uer?

Any ideas, reference papers? Thanks.

 

[Greg Burns]

Are you not using ASP.NET built-in forms authentication model?

http://msdn.microsoft.com/library/d...uide/html/cpconsimplecookieauthentication.asp

Greg

 

[Mr Newbie]

There are several ways to do this. Your options are basically.

Windows Integrated - Great for intranet/extranet sites uses the domain
accounts.
Forms Authorisation - When u dont have and NT domain or you are on the
internet
Passport - When you have multiple sites and want a single logon
authentication

 

[Cowboy \(Gregory A. Beamer\)]

You have an entire infrastructure that takes away your need to hand code
this. If you are having them fill out a form and checking records in a
database, for authentication, you can declaratively point to the login form
and then use FormsAuthentication to handle the authenticated user object.

--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA

***********************************************
Think Outside the Box!
***********************************************

 

[Steve C. Orr [MVP, MCSD]]

Forms Authentication is usually your best bet in ASP.NET.
It is easily configured in your web.config file.
Here's more information:
http://www.dotnetbips.com/displayarticle.aspx?id=9
http://support.microsoft.com/default.aspx?scid=kb;en-us;311495
http://www.4guysfromrolla.com/webtech/121901-1.2.shtml

 

[Kevin Spencer]

Well, I *was* going to suggest getting a DNA sample, but then I got the the
"affordable, easy" part...

--
;-),

Kevin Spencer
Microsoft MVP
..Net Developer
A watched clock never boils.