Re: Newbie question

From: Brock Allen (
Date: 05/18/05

  • Next message: Brock Allen: "Re: Extendig SqlMembershipprovider"
    Date: Tue, 17 May 2005 15:03:22 -0700

    You need to authenticate the user on every request. It sounds like you want
    to use FormsAuthentication which is a mechanism of issuing a cookie to the
    user to identity them. Then there's a declarative syntax you can specify
    in your web.config to control access. This is nice so you don't have to manually
    code the access check in every page. Here's a link on Forms Authentication
    to get you started:



    > I have a login which does a lookup in a Sql server table to check for
    > valid usernames and password. Then if login is Ok user allowed to go
    > to next page by using a response.redirect. Once on the next page he
    > can continue using site.
    > Question is how do I prevent a user from copying a URL from the
    > explorer and copying that address to a browser and then go directly to
    > that page, bypassing the login page?
    > I need to use SQL server based login because it is easier for the
    > users to maintain that list with a simple User Interface than it is to
    > have them understand the ins and outs of Windows security and groups.
    > most of my customers are small buisnesses with no budgets for training
    > or hiring system admins so I gotta KISS - (keep it simple stupid) :-)
    > Thanks for any help
    > RD

  • Next message: Brock Allen: "Re: Extendig SqlMembershipprovider"