Solved

How to make separated sessions pear each authenticated folder ?

Posted on 2009-07-01
3
171 Views
Last Modified: 2013-11-07
guru_sami:

If I log in to "admin" subfolder I can enter to "manager" subfolder without been asked for validation.
I wonder if would be possible that users logs in to admin folder can´t do it to manager folder and vice versa.

Thanks.
0
Comment
Question by:dimensionav
  • 2
3 Comments
 
LVL 41

Accepted Solution

by:
guru_sami earned 500 total points
ID: 24758834
Yes....that was my fear which I thought you are dealing with by putting Session["Area"] or something like that.
1: Add Roles to userContext ( http://www.dotnetfunda.com/articles/article141.aspx )
Then your web.config location should change like below:
<location path="admin">
            <system.web>
                  <authorization>
                                                                                      <allow roles="Admin"
                        <deny users="*"/>
                  </authorization>
            </system.web>
      </location>

<location path="manager">
            <system.web>
                  <authorization>
                                                                                      <allow roles="Manager"
                        <deny users="*"/>
                  </authorization>
            </system.web>
      </location>

2: Store user Role in Session Variable and on each page check if user belong to particular role, this might become more tricky.
0
 
LVL 41

Assisted Solution

by:guru_sami
guru_sami earned 500 total points
ID: 24758866
Oh yes...if you are using asp.net membership provider for authentication then you can start using RolesProvider as well. In that case discard the previous reference link I provided and look at roles tutorials here:
http://www.asp.net/learn/security/
0
 

Author Comment

by:dimensionav
ID: 24777017
I´m not an expert on C# and a think this is gonna take some time so I´ll try and I´ll let you know any issue in a related question.

Thanks
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

International Data Corporation (IDC) prognosticates that before the current the year gets over disbursing on IT framework products to be sent in cloud environs will be $37.1B.
This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now