I have a simple .net web application. My goal is that it starts with a log in page. When the registration is sucsessfull the user should get to the real content of the website. There are links which should be able to follow after registration but not before. I am workting on this for a few days and canĀ“t find anything in the internet.
Asked
Active
Viewed 50 times
2 Answers
0
after registration successful redirect the page to real content and set the session to content page if user is not logged in redirect back to login or signup page
/*set session in content page this will prevent the direct access to
content page */
if(Session['success]==null){
redirect to login or signup page ;
}
Muhammad Waqas
- 1,140
- 12
- 20
0
Use Use the ASP.NET Membership Provider.
Do not roll your own using Session. It will be vulnerable to attacks such as session fixation.
Although having said that, it does have some flaws, for example it does not clear the server side of sessions after logout.
This will enable you to use the authorization rules in web.config:
<location path="AdminFolder">
<system.web>
<authorization>
<allow roles="Admin"/> //Allows users in Admin role
<deny users="*"/> // deny everyone else
</authorization>
</system.web>
</location>
Community
- 1
- 1
SilverlightFox
- 32,436
- 11
- 76
- 145