Solved

User Page Authentication Using Sessions

Posted on 2011-03-09
6
186 Views
Last Modified: 2012-05-11
I am trying to prevent unauthorized access to pages on my VB.Net website. I have set up users manually and I am using Sessions to store the information about the User. I am not using the built in login and authentication features due to other reasons.

The code I am trying to run on Page Load is ..
 
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        If Session("Role") = "Admin" Then

        Else
            Response.Redirect("Default.aspx")
        End If
    End Sub

Open in new window


So if the Session("Role") is "Admin" then it will do nothing and allow the user access to the page, but for all other users it will send them back to the homepage.

This however doesnt work, you always get sent back to the default.aspx page, regardless of whether Session("Role") = Admin or not, as I have checked by using a MsgBox(Session("Role")), which returns "Admin".

Im thinking im using the wrong event, should I use something instead of Load?

Cheers,

Chris
0
Comment
Question by:CHKillswitch
  • 3
  • 2
6 Comments
 
LVL 9

Expert Comment

by:mayank_joshi
ID: 35081397
where have you created Session("Role") ?
0
 
LVL 9

Expert Comment

by:mayank_joshi
ID: 35081437
example for adding column:-

   
    DataGridViewColumn col = new DataGridViewColumn();
	DataGridViewCell cell = new DataGridViewTextBoxCell();
	col.CellTemplate = cell;
	col.HeaderText = "testing";
	col.Name = "testing";
	col.Visible = true;
	col.Width = 60;

Open in new window

0
 
LVL 13

Expert Comment

by:agarwalrahul
ID: 35081470
Please create the Session("Role")  in the login page or where ever required then only check it because the sessions are not created automatically.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 9

Expert Comment

by:mayank_joshi
ID: 35081528
Sorry ignore my second post.It was meant to be for some other question.
0
 

Accepted Solution

by:
CHKillswitch earned 0 total points
ID: 35081609
I realised that the problem was the Session was being created with spaces after the string, which when i was comparing it to "Admin" was causing a problem, So i ran the Session("Role") through a function that removed white spaces and it works fine now.
0
 

Author Closing Comment

by:CHKillswitch
ID: 35126168
Solved!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently went through the process of creating a Calendar Control of events with the basis of using a database to keep track of the dates that are selectable, one requirement was to have the selected date pop-up in a simple lightbox.  At first this…
In .NET 2.0, Microsoft introduced the Web Site.  This was the default way to create a web Project in Visual Studio 2005.  In Visual Studio 2008, the Web Application has been restored as the default web Project in Visual Studio/.NET 3.x The Web Si…
Need to grow your business through quality cloud solutions? With everything required to build a cloud platform and solution, you may feel like the distance between you and the cloud is quite long. Help is here. Spend some time learning about the Con…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now