Solved

How to make separated sessions pear each authenticated folder ?

Posted on 2009-07-01
3
170 Views
Last Modified: 2013-11-07
guru_sami:

If I log in to "admin" subfolder I can enter to "manager" subfolder without been asked for validation.
I wonder if would be possible that users logs in to admin folder can´t do it to manager folder and vice versa.

Thanks.
0
Comment
Question by:dimensionav
  • 2
3 Comments
 
LVL 41

Accepted Solution

by:
guru_sami earned 500 total points
ID: 24758834
Yes....that was my fear which I thought you are dealing with by putting Session["Area"] or something like that.
1: Add Roles to userContext ( http://www.dotnetfunda.com/articles/article141.aspx )
Then your web.config location should change like below:
<location path="admin">
            <system.web>
                  <authorization>
                                                                                      <allow roles="Admin"
                        <deny users="*"/>
                  </authorization>
            </system.web>
      </location>

<location path="manager">
            <system.web>
                  <authorization>
                                                                                      <allow roles="Manager"
                        <deny users="*"/>
                  </authorization>
            </system.web>
      </location>

2: Store user Role in Session Variable and on each page check if user belong to particular role, this might become more tricky.
0
 
LVL 41

Assisted Solution

by:guru_sami
guru_sami earned 500 total points
ID: 24758866
Oh yes...if you are using asp.net membership provider for authentication then you can start using RolesProvider as well. In that case discard the previous reference link I provided and look at roles tutorials here:
http://www.asp.net/learn/security/
0
 

Author Comment

by:dimensionav
ID: 24777017
I´m not an expert on C# and a think this is gonna take some time so I´ll try and I´ll let you know any issue in a related question.

Thanks
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

IntroductionWhile developing web applications, a single page might contain many regions and each region might contain many number of controls with the capability to perform  postback. Many times you might need to perform some action on an ASP.NET po…
Creating an analog clock UserControl seems fairly straight forward.  It is, after all, essentially just a circle with several lines in it!  Two common approaches for rendering an analog clock typically involve either manually calculating points with…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now