Re: Best approach for authenticating users for various departments in ASP.Net

From: Hermit Dave (hermitd.REMOVE_at_CAPS.AND.DOTS.hotmail.com)
Date: 08/31/04 

Date: Tue, 31 Aug 2004 17:42:22 +0100

well you could use windows authentication to do user authentication.
or you could do forms authentication.

either way create groups and add users to different groups.
in web.config you can specify which group has access to what resource..
individual or directory using location element.

http://authors.aspalliance.com/aspxtreme/webapps/aspnetauthentication.aspx

http://www.codeproject.com/aspnet/custom_authentication.asp

just google it up if you need any more examples 

-- 
Regards,
Hermit Dave
(http://hdave.blogspot.com)
"Larry Rekow" <larry@netgeexdotcom> wrote in message 
news:e289j0tr6o1ehjt3nif3acu2m93ier909n@4ax.com...
>I created a web application in classic ASP 6 months ago that had a
> login page which would only allow certain users to add, update or
> delete files from 6 different departments. (Windows 2000 server, NTFS,
> IIS5, not using Active Directory. After users are challenged for basic
> windows authentication, they get to the login page.)
>
> At the time, I set-up an Access db and a manager's page to add, delete
> and modify the permissions of users. When a user would login, a string
> would be put into their session variable showing which departments
> they had permission to use. the string was something like: 0010100
> where the first "0" meant they didn't have permission to department 1,
> but, in this case, they DID have permission to departments 3 and 5.
> They have 6 departments...the seventh digit was to show they had
> permission to all departments.
>
> Anyhow, at the top of each department page where a user could do any
> adding or deleting or updating, i put an include file that would
> redirect them to the login page if they didn't have the correct string
> for that department in their session variable.
>
> Works fine (tho some don't like having to login again after the
> session times out), but I'm now wanting to re-write this app in
> ASP.Net, and would like to find a more elegant approach to this.  New
> to ASP.Net; not looking for code,  just some direction for a better
> solution.  Any ideas appreciated.
>
> Thanks,
>
> Larry Rekow
> - - - - - - - - - - - - - - - - - -
> "Forget it, Jake. It's Chinatown."

Relevant Pages

  • Best approach for authenticating users for various departments in ASP.Net
    ... they get to the login page.) ... a string ... where the first "0" meant they didn't have permission to department 1, ... session times out), but I'm now wanting to re-write this app in ...
    (microsoft.public.dotnet.framework.aspnet)
  • RE: local authentication problem
    ... permission for your login. ... Also when prompted make sure you enter your domain before your login i.e ... > I use windows authentication to determine the user and it works fine. ... > it works fine on all machines except the machine that is acting as the web ...
    (microsoft.public.inetserver.iis)
  • Re: Credentials not being passed with remote access
    ... allowed windows authentication to work, ... I had assumed johnx was a domain user rather than a local Windows account. ... johnx was set up as a local login on sql server. ...
    (microsoft.public.sqlserver.security)
  • Re: How to display the "Access Denied" page directly without the a
    ... authentication on whatever the link is pointing to. ... say "it is Shareponit's default behavior to pop up that login box ... whenever user tries to access the sharepoint page to which he/she does ... not the permission", I am referring to the Sharepoint access ...
    (microsoft.public.sharepoint.portalserver)
  • I was the owner of the access database. and now the owner is unkow
    ... that I don't have the necessary permission. ... Every once and while the login ... Microsoft Access MVP ... cut Access opens and I immediately get the message that I dont have ...
    (microsoft.public.access.security)