Forms Auth. What do you think? -- asp.net security

Daren Hawes
8/2/2004 5:22:19 PM

Hi guys,

I am new to forms Authetication and wish to do the following.. A bit
like the Dreamweaver Authentication tool...

1. Authenticate my user by username and pass based on SQL Table data.
2. Save a session or alike with user ID in it.
3. Protect other pages from un authorised viewing.

Is it easy in forms authentication, or should I write code like the
dreamweaver way?

Thx

*** Sent via Developersdex http://www.developersdex.com ***

Raterus
8/3/2004 8:46:28 AM

Certainly it is easy (once you understand forms authentication), infact, =
you can avoid using the session entirely by using an authentication =
cookie. Nothing makes me gag more than seeing people code checks on =
each page that look something like this.

If session("logged_in") =3D true then
...
end if

There is no need to do checks like this with the tools asp.net has =
provided for you, any page access can be configured directly in =
web.config.

Here is some sample code on how to configure forms authentication with =
sql server..
http://msdn.microsoft.com/library/default.asp?url=3D/library/en-us/dnnets=
ec/html/SecNetHT03.asp

--Michael

[quoted text, click to view]

Got something to say? Click here to post a reply to this thread.

Don't see what you're looking for? Try a search.

View other messages about asp.net security

asp.net security : Forms Auth. What do you think?