Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > Setting Roles with Forms Authentication and Access 2003

Reply
Thread Tools

Setting Roles with Forms Authentication and Access 2003

 
 
=?Utf-8?B?RWQ=?=
Guest
Posts: n/a
 
      06-04-2004
Hi

I currently have an asp.NET project. I'm using Access 2003 and forms authentication to authenticate users. Can anyone tell me how to set the roles in asp.NET so that it recognizes them? The logging in portion of my code works...What I need to know is how to allow access to certain pages to users with an administrator role while blocking access to regular users. My database has 3 columns, username, password, and roles. It is the last column that I would like asp.NET to recognize.

Thank you

Ed
 
Reply With Quote
 
 
 
 
Paul Bobrowski
Guest
Posts: n/a
 
      06-04-2004
While I am just starting with ASP.NET, I have used regular ASP so hopefully
this still applies.

In the authentication portion of your code, have it read the role of the
user out of the database and store it in a Session Variable. On the pages
you would like to restrict to Administrator only access, but a check to
verify the user's role that is stored in the Session Variable at the very
beginning of the page load. If the user isn't an Administrator, use the
Redirect to send them into an invalid permissions page or whatever you want
to setup. Finally depending on how your site is designed it would be good
practice to not even show the links to visit the restricted page unless the
Session Variable role is set to an Administator.


"Ed" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hi,
>
> I currently have an asp.NET project. I'm using Access 2003 and forms

authentication to authenticate users. Can anyone tell me how to set the
roles in asp.NET so that it recognizes them? The logging in portion of my
code works...What I need to know is how to allow access to certain pages to
users with an administrator role while blocking access to regular users. My
database has 3 columns, username, password, and roles. It is the last
column that I would like asp.NET to recognize.
>
> Thank you,
>
> Ed



 
Reply With Quote
 
 
 
 
John Saunders
Guest
Posts: n/a
 
      06-04-2004
"Ed" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hi,
>
> I currently have an asp.NET project. I'm using Access 2003 and forms

authentication to authenticate users. Can anyone tell me how to set the
roles in asp.NET so that it recognizes them? The logging in portion of my
code works...What I need to know is how to allow access to certain pages to
users with an administrator role while blocking access to regular users. My
database has 3 columns, username, password, and roles. It is the last
column that I would like asp.NET to recognize.

The standard way to do this is to get a list of roles out of your database,
however you would do that. You will then save the list (perhaps as
comma-separated values) in the UserData property of the Forms Authentication
ticket. Then, in the AuthenticateRequest handler in global.asax, you'll pull
the list out of UserData and supply it to the GenericPrincipal constructor.
See HOW TO: Implement Role-Based Security with Forms-Based Authentication in
Your ASP.NET Application by Using Visual Basic .NET
(http://support.microsoft.com/default...b;en-us;306238) for an
example.
--
John Saunders
johnwsaundersiii at hotmail


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Best practices for using forms authentication and security in a hosted env (was: Re: Using a Forms authentication in a shared hosting environment) JEFF ASP .Net 1 11-12-2007 07:00 PM
Forms Based Authentication and AD and Roles and Security Trimming! Eric ASP .Net Security 0 11-01-2006 03:24 PM
forms authentication -- expired forms cookie vs. not provided forms cookie Eric ASP .Net Security 2 01-27-2006 10:09 PM
forms authentication and roles Phil Townsend ASP .Net 4 10-27-2004 08:30 PM
Forms Authentication question: How to have some pages open and some requiring forms authentication Eric ASP .Net 2 02-13-2004 02:14 PM



Advertisments