Forms Auth. What do you think?

D

Daren Hawes

Hi guys,

I am new to forms Authetication and wish to do the following.. A bit
like the Dreamweaver Authentication tool...

1. Authenticate my user by username and pass based on SQL Table data.
2. Save a session or alike with user ID in it.
3. Protect other pages from un authorised viewing.

Is it easy in forms authentication, or should I write code like the
dreamweaver way?

Thx
 
R

Raterus

Certainly it is easy (once you understand forms authentication), infact, you can avoid using the session entirely by using an authentication cookie. Nothing makes me gag more than seeing people code checks on each page that look something like this.

If session("logged_in") = true then
...
end if

There is no need to do checks like this with the tools asp.net has provided for you, any page access can be configured directly in web.config.

Here is some sample code on how to configure forms authentication with sql server..
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT03.asp

--Michael
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Forms Auth (roles being ignored) 0
Forms auth for directory 4
forms auth, authenticate against already encrypted password? 7
web service security w/ mixed mode auth - seeking advice 2
Client/server application and Windows Integrated Auth 9
Windows 2003 Server, Web Farm, Forms Authentication, SlidingExpiration 0
forms authentication 0
forms authentication, cookieless? 2

Members online

Total: 2,702 (members: 4, guests: 2,698)
Robots: 130

Forum statistics

Threads
474,140
Messages
2,570,810
Members
47,357
Latest member
sitele8746

Latest Threads

Top