M
Mathieu Pagé
Hi,
In my ASP.NET application I want the password to expires after some
time. When a user sign in and his password is expired I automatically
send him to the change password page with a message explaining why he is
required to change his password.
What I want to do is prevent him to browse to any other page (whether by
using a link or by entering an other page URL in his browser) before his
password has been changed.
The only way I can think of, and I don't like it, is to check in the
OnLoad of every pages if the password is not expired and redirect the
user if it is.
Since this a common scenario, I suppose there is some etablished "good
practices" already know to deal with this problem. So i'm here, asking
you : Is there an elegant way to prevent a logged user from browsing my
site before he change his password?
Thanks in advance,
Mathieu Pagé
In my ASP.NET application I want the password to expires after some
time. When a user sign in and his password is expired I automatically
send him to the change password page with a message explaining why he is
required to change his password.
What I want to do is prevent him to browse to any other page (whether by
using a link or by entering an other page URL in his browser) before his
password has been changed.
The only way I can think of, and I don't like it, is to check in the
OnLoad of every pages if the password is not expired and redirect the
user if it is.
Since this a common scenario, I suppose there is some etablished "good
practices" already know to deal with this problem. So i'm here, asking
you : Is there an elegant way to prevent a logged user from browsing my
site before he change his password?
Thanks in advance,
Mathieu Pagé