asked on

User Page Authentication Using Sessions

I am trying to prevent unauthorized access to pages on my VB.Net website. I have set up users manually and I am using Sessions to store the information about the User. I am not using the built in login and authentication features due to other reasons.

The code I am trying to run on Page Load is ..

Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        If Session("Role") = "Admin" Then

        Else
            Response.Redirect("Default.aspx")
        End If
    End Sub

Open in new window

So if the Session("Role") is "Admin" then it will do nothing and allow the user access to the page, but for all other users it will send them back to the homepage.

This however doesnt work, you always get sent back to the default.aspx page, regardless of whether Session("Role") = Admin or not, as I have checked by using a MsgBox(Session("Role")), which returns "Admin".

Im thinking im using the wrong event, should I use something instead of Load?

Cheers,

Chris

mayank_joshi

where have you created Session("Role") ?

mayank_joshi

example for adding column:-

    DataGridViewColumn col = new DataGridViewColumn();
	DataGridViewCell cell = new DataGridViewTextBoxCell();
	col.CellTemplate = cell;
	col.HeaderText = "testing";
	col.Name = "testing";
	col.Visible = true;
	col.Width = 60;

Open in new window

Rahul Agarwal

Please create the Session("Role") in the login page or where ever required then only check it because the sessions are not created automatically.

mayank_joshi

Sorry ignore my second post.It was meant to be for some other question.

ASKER CERTIFIED SOLUTION

CHKillswitch

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

CHKillswitch

ASKER

Solved!