ASPNET: Login mechanism for web apps

Thursday, March 22, 2012

Login mechanism for web apps

Is there an easy way to implement this so that only minimal changes are
needed to web pages for them to use this mechanism? I want to avoid having
the same code in every web page that needs to use the mechanism. Is there
any way to share this code, possibly in a C# dll?If you are using .NET 2.0 you should probably just use the Web Parts /
Membership provider. This takes care of everything for you and you can
control whether the user remains logged in, and when the user should time
out.
This also provides a very seamless integration with your existing website -
meaning that all you have to do is add the login page, and in your
configuration deny anonymous access to the folders and set the login page.
Then the only condundrum would be if you already have an existing user base
and the matter of syncing the two.
It also comes with a built in site administration, which is albeit pretty
shitty - quick and dirty.

"chris fellows" wrote:

Quote:

Originally Posted by

I am writing a generic login mechanism for our web apps using ASP.NET / C#
(VS2005). Various web pages need to present a login dialogue for the user to
re-enter their application-level username & password every 20 minutes. The
dialogue would pop up, the user would enter their login details again and
they would return to where they were previously in the web app. This
dialogue would be displayed (if necessary) on page load. Ideally the login
dialogue will be a popup. Authentication will require access to a database.
>
Is there an easy way to implement this so that only minimal changes are
needed to web pages for them to use this mechanism? I want to avoid having
the same code in every web page that needs to use the mechanism. Is there
any way to share this code, possibly in a C# dll?
>
>
>

The typical solution is to use Forms Authentication, which is built into
ASP.NET.
Here's more info:
http://www.dotnetbips.com/articles/...2a9f2cb897.aspx
http://www.dotnetbips.com/articles/...3dd25b308b.aspx
Combine that with the new login controls of ASP.NET 2.0 and you've got
pretty much everything you need with virtually no code required. Here's
more info on that:
http://SteveOrr.net/articles/SecureYourSite.aspx
--
I hope this helps,
Steve C. Orr,
MCSD, MVP, CSM, ASPInsider
http://SteveOrr.net
"chris fellows" <chrisfellows@.nospam.co.ukwrote in message
news:%23pV18YB5HHA.1212@.TK2MSFTNGP05.phx.gbl...

Quote:

Originally Posted by

>I am writing a generic login mechanism for our web apps using ASP.NET / C#
>(VS2005). Various web pages need to present a login dialogue for the user
>to re-enter their application-level username & password every 20 minutes.
>The dialogue would pop up, the user would enter their login details again
>and they would return to where they were previously in the web app. This
>dialogue would be displayed (if necessary) on page load. Ideally the login
>dialogue will be a popup. Authentication will require access to a
>database.
>
Is there an easy way to implement this so that only minimal changes are
needed to web pages for them to use this mechanism? I want to avoid
having the same code in every web page that needs to use the mechanism.
Is there any way to share this code, possibly in a C# dll?
>

For the Login control, how do you control when the login dialogue appears?
What changes would you make to the pages that would need to use it? Do you
have to redirect them to the login page and then redirect them back from the
login page?

Can a user be forced to re-enter the login details every N minutes?

Can the Membership do the authentication via a webservice which would
authenticate the user on the database? (We may want to make our
authentication mechanism available to VB6 applications too.)

Thursday, March 22, 2012

Login mechanism for web apps

0 comments:

Post a Comment

ASPNET

Blog Archive

About Me