I keep wondering if there is a better way to verify a user. Now, in my
asp.net app, each time a user signed in, I saved his/her userID in Session
object. In each following pages, I check if this userID exist in Session. If
yes, I consider it is a valid user, otherwise, I ask this to log in again.
But, I wonder if there is a better, affordable, easy way to validate a uer?
Any ideas, reference papers? Thanks.Are you not using ASP.NET built-in forms authentication model?
http://msdn.microsoft.com/library/d...hentication.asp
Greg
"Andrew" <Andrew@.discussions.microsoft.com> wrote in message
news:72E09963-51E9-4EDD-9797-9D327E17D61B@.microsoft.com...
> Hi, friends,
> I keep wondering if there is a better way to verify a user. Now, in my
> asp.net app, each time a user signed in, I saved his/her userID in Session
> object. In each following pages, I check if this userID exist in Session.
> If
> yes, I consider it is a valid user, otherwise, I ask this to log in again.
> But, I wonder if there is a better, affordable, easy way to validate a
> uer?
> Any ideas, reference papers? Thanks.
There are several ways to do this. Your options are basically.
Windows Integrated - Great for intranet/extranet sites uses the domain
accounts.
Forms Authorisation - When u dont have and NT domain or you are on the
internet
Passport - When you have multiple sites and want a single logon
authentication
--
Best Regards
The Inimitable Mr Newbie
"Andrew" <Andrew@.discussions.microsoft.com> wrote in message
news:72E09963-51E9-4EDD-9797-9D327E17D61B@.microsoft.com...
> Hi, friends,
> I keep wondering if there is a better way to verify a user. Now, in my
> asp.net app, each time a user signed in, I saved his/her userID in Session
> object. In each following pages, I check if this userID exist in Session.
> If
> yes, I consider it is a valid user, otherwise, I ask this to log in again.
> But, I wonder if there is a better, affordable, easy way to validate a
> uer?
> Any ideas, reference papers? Thanks.
Forms Authentication is usually your best bet in ASP.NET.
It is easily configured in your web.config file.
Here's more information:
http://www.dotnetbips.com/displayarticle.aspx?id=9
http://support.microsoft.com/defaul...kb;en-us;311495
http://www.4guysfromrolla.com/webtech/121901-1.2.shtml
--
I hope this helps,
Steve C. Orr, MCSD, MVP
http://SteveOrr.net
"Andrew" <Andrew@.discussions.microsoft.com> wrote in message
news:72E09963-51E9-4EDD-9797-9D327E17D61B@.microsoft.com...
> Hi, friends,
> I keep wondering if there is a better way to verify a user. Now, in my
> asp.net app, each time a user signed in, I saved his/her userID in Session
> object. In each following pages, I check if this userID exist in Session.
> If
> yes, I consider it is a valid user, otherwise, I ask this to log in again.
> But, I wonder if there is a better, affordable, easy way to validate a
> uer?
> Any ideas, reference papers? Thanks.
You have an entire infrastructure that takes away your need to hand code
this. If you are having them fill out a form and checking records in a
database, for authentication, you can declaratively point to the login form
and then use FormsAuthentication to handle the authenticated user object.
--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA
***********************************************
Think Outside the Box!
***********************************************
"Andrew" <Andrew@.discussions.microsoft.com> wrote in message
news:72E09963-51E9-4EDD-9797-9D327E17D61B@.microsoft.com...
> Hi, friends,
> I keep wondering if there is a better way to verify a user. Now, in my
> asp.net app, each time a user signed in, I saved his/her userID in Session
> object. In each following pages, I check if this userID exist in Session.
> If
> yes, I consider it is a valid user, otherwise, I ask this to log in again.
> But, I wonder if there is a better, affordable, easy way to validate a
> uer?
> Any ideas, reference papers? Thanks.
Well, I *was* going to suggest getting a DNA sample, but then I got the the
"affordable, easy" part...
--
;-),
Kevin Spencer
Microsoft MVP
..Net Developer
A watched clock never boils.
"Andrew" <Andrew@.discussions.microsoft.com> wrote in message
news:72E09963-51E9-4EDD-9797-9D327E17D61B@.microsoft.com...
> Hi, friends,
> I keep wondering if there is a better way to verify a user. Now, in my
> asp.net app, each time a user signed in, I saved his/her userID in Session
> object. In each following pages, I check if this userID exist in Session.
> If
> yes, I consider it is a valid user, otherwise, I ask this to log in again.
> But, I wonder if there is a better, affordable, easy way to validate a
> uer?
> Any ideas, reference papers? Thanks.
0 comments:
Post a Comment