Re: Intranet Login using ASPdotNET (advice)...
From: The Eeediot (eeediot_at_hotmail.com)
Date: 12/29/04
- Next message: Karl Seguin: "Re: Best way to check a session var on each page?"
- Previous message: Fabio: "Re: using EXCEL SHEET with ASP.NET"
- In reply to: The Eeediot: "Intranet Login using ASPdotNET (advice)..."
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 29 Dec 2004 13:14:33 -0500
Thanks for the replies.
Some stuff I didn't quite know about.
That is why I posted to the group...
"The Eeediot" <eeediot@hotmail.com> wrote in message news:5NudnQ33ed1CUU_cRVn-uw@giganews.com...
Hello, folks!
I am trying to design a login script / page for a set of administrative functions on my company's Intranet. I need something that is reasonably secure and I've been trying to rack my brains to come up with a scheme. These functions are for a bunch of look-up tables, a knowledge base, etc. I am looking for a little advice
I am thinking something along these lines:
default.aspx:
ViewState("Attempt") - count attempt (if > 3 then try again after session expires)
Session("Authenticated") - T or F
Username and Password stored in MSSQL 2000 database
User logs in.
If Session("Authenticated") = T
User gains access to admin pages...
Okay, not a terribly complicated design but how do I limit the scope of the Session object?
How do I set the session to expire in XX minutes?
How do I have the session automatically expire if the user exits their web browser or visits another site?
Should I use a Cache("...") object instead of Session("...") object?
I know these may be trivial to the gurus but I've been trying to find a decent model to follow for my login script.
TIA...
- Next message: Karl Seguin: "Re: Best way to check a session var on each page?"
- Previous message: Fabio: "Re: using EXCEL SHEET with ASP.NET"
- In reply to: The Eeediot: "Intranet Login using ASPdotNET (advice)..."
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
