If you have implemented log-in, log-out capability in your ASP based Web Application then one of the main goals is to make sure unauthorized users do not get access to the pages within your web application. In other words, they must first login in order to get access to any information contained in the rest of the pages of the web application
To make my point clear, lets assume we have a web application which is composed of 3 aspx pages:
- Login.asp
- Profile.aspx
- Preferences.aspx
And we want user to land on Login.aspx first, enter their username and password and then get redirected to Profile.aspx and after filling out all the fields on Profile.aspx, Preferences.aspx is displayed in the users’ browser.
Web Server can be configured to take the users directly to my Login.aspx page when they type in the URL of the website, but I noticed that if the users want, then they can directly go to Profile.aspx and Preferences.aspx, something which I do not want to happen.
How to overcome this problem (assuming your Log-in and Log-out components are implemented correctly). The following piece of code is in C# (c sharp).
In the Page_Load(object sender, EventArgs e) method in C Sharp Code file associated with your ASPX page, embed your entire logic (code) in the following IF Condition:
if (Request.IsAuthenticated) //checking if the user trying to access the page is authorized
{
//your entire Page_Load ( …. ) logic goes here in this IF condition
}
else
{
Response.Redirect(“login.aspx”) ; //This will take the user to your Login page
}
3 comments:
Nice post! Really helpful! Thanks a lot!
Invitation letter
Hi! Your blog is simply super. you have create a differentiate. Thanks for the sharing this website. it is very useful professional knowledge. Great idea you know about company background.
Customized application development
This is really usefull.
Thanks a lot!
Post a Comment