Re: SQL2K and .NET

From: Etienne Charland (mystery@golden.net)
Date: 03/13/03

  • Next message: Nick: "Re: Problems Creating S/MIME Message" 
    From: "Etienne Charland" <mystery@golden.net>
Date: Thu, 13 Mar 2003 15:35:12 -0500

    There are several good ways to implement authentication.

    1) You can use Windows Integrated Security, and use system accounts

    2) You can implement custom authentication...
    Private Sub Login_Click(ByVal sender As System.Object, ByVal e As
    System.EventArgs) Handles Login.Click
        If AuthenticateUser(txtUser.Text, txtPass.Text) Then
            FormsAuthentication.RedirectFromLoginPage(txtUser.Text, False)
        Else
            lblErreur.Visible = True
        End If
    End Sub

    (add the AuthenticateUser function, wich will check in a database table to
    see if login is valid)

    You'll need something like this in the configuration file. They will be
    redirected to the login.aspx page if they're not authenticated.
    <authentication mode="Forms">
        <forms loginUrl="login.aspx" name=".APPLOGIN" protection="All" />
    </authentication>

    There are other methods, but I think those are 2 good ones. In either way,
    you can specify many options in the configuration file, including rights
    that apply to each page or folder. You can tell what users have access to
    what files, and what actions they can do on it.

    In MSDN, read those pages from the index:
    "RedirectFromLoginPage method"
    "authorization element"

    Hope this helps.

    Etienne

    "Shawn" <shawntrevellick@hotmail.com> wrote in message
    news:093f01c2e914$ac040ec0$3001280a@phx.gbl...
    > Hey all,
    >
    > I am relatively new to the .NET environment. I am
    > creating an ASP web app that connects to SQL2K. I am
    > having a little trouble with the connection string. I
    > can connect to my db no problem. My issue is that people
    > can log onto my website and add themselves as a user.
    > How do I change the connection string to use their login
    > and password? Is there something I am missing? I am
    > using the sp_addlogin to add them as a user in the
    > database but I could have several hundred people logged
    > in at one time. I am really confused, help
    >
    > Shawn

  • Next message: Nick: "Re: Problems Creating S/MIME Message"

    Relevant Pages

    • Re: Accessing Remote Server using NT and Basic Authentication
      ... I would think that using NT Authentication, one would just have to connect ... As permissions go on the UNC. ... >> want to use FileSystemObject to read a directories on a different server. ... >> Private Sub displayFolder ...
      (microsoft.public.inetserver.asp.general)
    • RE: forms authentication automatic logout without timers?
      ... I've been asked to somehow prevent that malicious user from being able to gain access to secure content if fogetful user didn't logout and the forms authentication timer on the auth cookie hasn't yet expired. ... > Private Sub Global_AuthorizeRequest(ByVal sender As ... > the secured portion of the web app. ...
      (microsoft.public.dotnet.framework.aspnet.security)
    • forms authentication automatic logout without timers?
      ... the current url is secure or not. ... Private Sub Global_AuthorizeRequest(ByVal sender As ... >I have a web application that uses forms authentication. ... the secured portion of the web app. ...
      (microsoft.public.dotnet.framework.aspnet.security)
    • Re: Connecting to AS 2005 using a specified user
      ... specifying MSOLAP.2 in the connection string has no effect ... when connecting from Excel. ... AS2005 is the same userID specified in the HTTP connection string, ... > Basic authentication credentials. ...
      (microsoft.public.sqlserver.olap)
    • Re: Persisting user login credentials across pages
      ... In ASP.Net 1.1 most people add the connection string to the web.config file. ... "Siobhan" wrote in message ... >> Sample code requires you to have a login method on your Principal class ... >>> I am not sure how Forms authentication would work - the sample using ...
      (microsoft.public.dotnet.framework.aspnet)