Solved

User Page Authentication Using Sessions

Posted on 2011-03-09
6
187 Views
Last Modified: 2012-05-11
I am trying to prevent unauthorized access to pages on my VB.Net website. I have set up users manually and I am using Sessions to store the information about the User. I am not using the built in login and authentication features due to other reasons.

The code I am trying to run on Page Load is ..
 
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        If Session("Role") = "Admin" Then

        Else
            Response.Redirect("Default.aspx")
        End If
    End Sub

Open in new window


So if the Session("Role") is "Admin" then it will do nothing and allow the user access to the page, but for all other users it will send them back to the homepage.

This however doesnt work, you always get sent back to the default.aspx page, regardless of whether Session("Role") = Admin or not, as I have checked by using a MsgBox(Session("Role")), which returns "Admin".

Im thinking im using the wrong event, should I use something instead of Load?

Cheers,

Chris
0
Comment
Question by:CHKillswitch
  • 3
  • 2
6 Comments
 
LVL 9

Expert Comment

by:mayank_joshi
ID: 35081397
where have you created Session("Role") ?
0
 
LVL 9

Expert Comment

by:mayank_joshi
ID: 35081437
example for adding column:-

   
    DataGridViewColumn col = new DataGridViewColumn();
	DataGridViewCell cell = new DataGridViewTextBoxCell();
	col.CellTemplate = cell;
	col.HeaderText = "testing";
	col.Name = "testing";
	col.Visible = true;
	col.Width = 60;

Open in new window

0
 
LVL 13

Expert Comment

by:agarwalrahul
ID: 35081470
Please create the Session("Role")  in the login page or where ever required then only check it because the sessions are not created automatically.
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 
LVL 9

Expert Comment

by:mayank_joshi
ID: 35081528
Sorry ignore my second post.It was meant to be for some other question.
0
 

Accepted Solution

by:
CHKillswitch earned 0 total points
ID: 35081609
I realised that the problem was the Session was being created with spaces after the string, which when i was comparing it to "Admin" was causing a problem, So i ran the Session("Role") through a function that removed white spaces and it works fine now.
0
 

Author Closing Comment

by:CHKillswitch
ID: 35126168
Solved!
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ASP.Net to Oracle Connectivity Recently I had to develop an ASP.NET application connecting to an Oracle database.As I am doing it first time ,I had to solve several problems. This article will help to such developers  to develop an ASP.NET client…
International Data Corporation (IDC) prognosticates that before the current the year gets over disbursing on IT framework products to be sent in cloud environs will be $37.1B.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question