Star79
asked on
imposing security in .net application...
We have developed .net 4.5 application but the user is able to access the individual pages by going to that page directly. for example user can access http://websitename/test.aspx (without being authenticated or forced to login.aspx page).
How can we efficiently do it? In asp we can put a security check in every page force the user to authenticate but in .net we don't want to do it that way. Do we need to impose .net form authentication? or any IIS settings? any ideas would be appreciated.
Please give as much details as possible.
How can we efficiently do it? In asp we can put a security check in every page force the user to authenticate but in .net we don't want to do it that way. Do we need to impose .net form authentication? or any IIS settings? any ideas would be appreciated.
Please give as much details as possible.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This header control would be called on every page, just the way people used to include header.inc in typical asp sites.
Put your security check in this control and all the pages where this control is being called will get protected automatically.
You can also put it in footer control but normally it is put in header. The user controls have an extension of ascx in asp.net