What I understand is that you are actually looking to authorize different users for different parts of your application. For example, you want Admin to access both the User pages and the Admin pages, but you want User to access only the User pages.
To achieve that you don't actually need multiple web.config files.
Follow these steps:
Add this to your login form and set it according to your authentication system.
    // Role: get it from the DB (whether it is an Admin or a User) after checking UserName and Password.

    // Create the authentication ticket manually
    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
        1,                            // ticket version
        UserName,
        DateTime.Now,                 // issue time
        DateTime.Now.AddMinutes(20),  // expiration
        true,                         // persistent
        Role);                        // UserData: carries the role name(s)
    // Encrypt the ticket into a string that can be stored in the cookie
    string HashedTicket = FormsAuthentication.Encrypt(ticket);
    HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, HashedTicket);
    cookie.HttpOnly = true;           // keep the cookie out of reach of client-side script
    if (ticket.IsPersistent)
    {
        cookie.Expires = ticket.Expiration;
    }
    Response.Cookies.Add(cookie);
Add this to Global.asax:
    void Application_AuthenticateRequest(object sender, EventArgs e)
    {
        // Only act on requests already authenticated by Forms authentication
        if (Context.User != null && Context.User.Identity.AuthenticationType == "Forms")
        {
            System.Security.Principal.IIdentity ID = Context.User.Identity;
            FormsIdentity FrmID = (FormsIdentity)ID;
            FormsAuthenticationTicket ticket = FrmID.Ticket;
            // The role(s) were stored in UserData when the ticket was created
            string[] Roles = ticket.UserData.Split(',');
            // Replace the principal with one that carries those roles
            Context.User = new System.Security.Principal.GenericPrincipal(ID, Roles);
        }
    }
In Global.asax we are setting the role of the user on the current Context.
Finally, define the roles in web.config:
    <authentication mode="Forms">
      <forms defaultUrl="index.aspx" loginUrl="index.aspx" name="MyFormCookie" protection="All" slidingExpiration="true" timeout="20">
      </forms>
    </authentication>
    <authorization>
      <allow users="*" />
    </authorization>

    <location path="Admin">
      <system.web>
        <authorization>
          <allow roles="admin" />
          <deny users="*" />
        </authorization>
      </system.web>
    </location>

    <location path="UserPages">
      <system.web>
        <authorization>
          <allow roles="admin,User" />
          <deny users="*" />
        </authorization>
      </system.web>
    </location>
Define these settings at their appropriate locations in web.config.
Hope this will help.
@li
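
The following console program is an added example, not part of the original answer and not ASP.NET's own code: a simplified model of first-match URL authorization, showing how the roles that Application_AuthenticateRequest puts on the principal interact with the order of the allow and deny rules. The class and helper names, the user names alice, bob and carol, and the reversed rule set are constructed for illustration.

```csharp
using System;
using System.Linq;
using System.Security.Principal;
using System.Xml.Linq;

static class UrlAuthorizationDemo
{
    // Constructed samples: the Admin rules from the answer, and the same rules in reverse order.
    const string AdminRules = @"<authorization><allow roles=""admin"" /><deny users=""*"" /></authorization>";
    const string Reversed = @"<authorization><deny users=""*"" /><allow roles=""admin"" /></authorization>";

    // Simplified model: the first rule that matches the user decides.
    // Verbs and rules inherited from parent configuration are not modelled.
    static bool IsAllowed(string authorizationXml, IPrincipal user)
    {
        bool anonymous = !user.Identity.IsAuthenticated;
        foreach (XElement rule in XElement.Parse(authorizationXml).Elements())
        {
            string[] users = Split((string)rule.Attribute("users"));
            string[] roles = Split((string)rule.Attribute("roles"));
            bool match = users.Contains("*")
                || (anonymous && users.Contains("?"))
                || (!anonymous && users.Contains(user.Identity.Name, StringComparer.OrdinalIgnoreCase))
                || (!anonymous && roles.Any(user.IsInRole));
            if (match) return rule.Name.LocalName == "allow";
        }
        return true; // assumption: the inherited default rule allows everyone
    }

    static string[] Split(string csv) =>
        (csv ?? "").Split(',').Select(s => s.Trim()).Where(s => s.Length > 0).ToArray();

    // Builds the principal the way Application_AuthenticateRequest does: roles = UserData.Split(',').
    static IPrincipal FromUserData(string name, string userData) =>
        new GenericPrincipal(new GenericIdentity(name, "Forms"), userData.Split(','));

    static void Main()
    {
        IPrincipal admin = FromUserData("alice", "admin");
        IPrincipal user = FromUserData("bob", "User");
        IPrincipal spaced = FromUserData("carol", "User, admin"); // the space stays in the role name
        IPrincipal anon = new GenericPrincipal(new GenericIdentity(""), new string[0]);
        Console.WriteLine("Admin folder, admin role:            " + IsAllowed(AdminRules, admin));
        Console.WriteLine("Admin folder, User role:             " + IsAllowed(AdminRules, user));
        Console.WriteLine("Admin folder, anonymous:             " + IsAllowed(AdminRules, anon));
        Console.WriteLine("Admin folder, UserData 'User, admin': " + IsAllowed(AdminRules, spaced));
        Console.WriteLine("Reversed rules, admin role:          " + IsAllowed(Reversed, admin));
    }
}
```

A space after the comma in UserData leaves the role stored as " admin", which GenericPrincipal.IsInRole does not match against "admin", so store the roles without spaces or trim them after the split.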