Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Secure pages and Web Site Administration Tool 2

Status
Not open for further replies.
MaryNET

MaryNET

Programmer
Jan 6, 2007
33
0
0
US
Hi,
I need to have some secure pages that the user
has to log in to get access to.
I have .aspx pages in the root folder that will
contain the secure and non-secure pages.

I was looking at the ASP.NET 2.0 Web Site Administration Tool, but I'm not crazy about it.

Could anyone make any recommendations on how I should configure the secure pages?
Thank you

 
Sort by date Sort by votes
use the authentication/authroziation and location config sections in the web.config file to secure the files.

it's much easier to place the secure pages in a sub directory and apply permissions to the directory. the alternative is listing out each secure page and it's allow/deny permissions.

Jason Meckley
Programmer
Specialty Bakers, Inc.
 
Upvote 0 Downvote
Thanks larry, jm. I liked the video.

The thing I don't like about the Web Site Administration Tool is that it uses a database (ASPNETDB.MDF) that is not part of the website's database. I know you can use your own SQL Server database, but I'm not sure of what nightmares that may cause.

If I was using this tool for customers placing an order and creating an account, how do I insert the correct data into the right database? How do I look up a customer later if their email info is one database and their order info in another?

Is this tool good to use in this situation?
 
Upvote 0 Downvote
if this is an enterprise level app then i would recommend implementing the security in 1 of 2 ways.

1. use a mvc approach to displaying web pages. either uing castle windsor, monorail, or ms mvc (.net 3.5 only). this approach is a radical depature from M$ webforms, but is ideal for large scale applications.

2. using traditional M$ asp.net webforms, role your own security model by implementing the appropiate security interfaces. david hayden has some posts on the subject:

Jason Meckley
Programmer
Specialty Bakers, Inc.
 
Upvote 0 Downvote
You might want to use a single database instead of two, depending on the solution or the strategy you have adopted. I'm not aware of any nightmare this might cause but can give 100% guarantee. I have used this method in the past and it worked perfectly for me.

You might want to explore jm's method and select the one that's most convenient for you.

Oysterbar ride to success. Keep Riding
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

G12Consult
  • Locked
  • Question
Javascript from Content Pages
Replies
0
Views
129
G12Consult
G12Consult
sugu1
  • Locked
  • Question
sound editing in web site to record, cut/trim, paste and save as wav file
Replies
0
Views
141
sugu1
sugu1
G12Consult
  • Locked
  • Question
Different landing pages for different roles
Replies
0
Views
131
G12Consult
G12Consult
WIREMESH
  • Locked
  • Question
Play mp4 files in asp.net 2.0 webforms application
Replies
0
Views
47
WIREMESH
WIREMESH
shaunk
  • Locked
  • Question
Web API Routing Not working in Web Site App.
Replies
0
Views
56
shaunk
shaunk

Part and Inventory Search

Sponsor

Back
Top