Wednesday, December 24, 2003
How to implement Security model in Gen6 applications
1) Modify Global.asax file
/// <summary>
/// Global.asax handler for the AuthenticateRequest event. It passes the
/// current request's context to the Security class.
/// </summary>
/// <param name="sender">The object that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Application_AuthenticateRequest(object sender, EventArgs e)
{
    // Requests handled by this application pass through the security check here.
    Security.AuthenticateAndAuthorize(this.Context);
}
2) Create Login.aspx page.
3) Modify Web.config in every Virtual Folder:
4) Create the "Security" class
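/// <summary>
/// Routes a request: unauthenticated callers are sent to the login page,
/// authenticated callers go through the permission check.
/// </summary>
/// <param name="Context">The current request's HTTP context.</param>
// NOTE(review): Global.asax calls this as Security.AuthenticateAndAuthorize(Context),
// which needs either a static method or a member named Security that holds an
// instance - confirm which one is intended.
// NOTE(review): confirm that requests for Login.aspx itself are not routed
// through this check, otherwise the redirect would repeat.
public void AuthenticateAndAuthorize(System.Web.HttpContext Context)
{
    // HttpContext.Current is static and cannot be reached through an instance;
    // the principal of this request is Context.User, and the keyword is null.
    // A non-null principal does not prove sign-in, because ASP.NET can attach
    // an anonymous principal, so IsAuthenticated is checked as well.
    if (Context.User == null || !Context.User.Identity.IsAuthenticated)
    {
        Authenticate(Context);
    }
    else
    {
        Authorize(Context);
    }
}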
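/// <summary>
/// Redirects an unauthenticated user to the login page, passing the page
/// that was requested in the ReturnUrl query-string parameter.
/// </summary>
/// <param name="Context">The current request's HTTP context.</param>
// NOTE(review): Login.aspx is not shown here; it should still confirm that
// ReturnUrl is a local path before redirecting to it after sign-in.
private void Authenticate(System.Web.HttpContext Context)
{
    // Pass only the site-relative path and query, so the login page is not
    // handed an absolute URL to send the browser to after sign-in.
    string strURL = Context.Request.Url.PathAndQuery;

    // Encode the value: a raw "?" or "&" inside it would be parsed as extra
    // parameters of the login request and would truncate or alter ReturnUrl.
    string strRedirectPath = "../Gen6/Login.aspx?ReturnUrl=" + Context.Server.UrlEncode(strURL);

    // true ends the response here, so the rest of the requested page does not run.
    Context.Response.Redirect(strRedirectPath, true);
}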
/// <summary>
/// Checks whether the authenticated user has permission to access the
/// current page, and sends the user to the login page when not.
/// </summary>
/// <param name="Context">The current request's HTTP context.</param>
private void Authorize(System.Web.HttpContext Context)
{
    // Step 1 (not shown): get the roles the user belongs to.
    // Step 2 (not shown): check whether at least one of those roles may access the current page.
    if (!PermissionIsGranted)
    {
        // Access is forbidden: redirect the user to the Login.aspx page.
        Authenticate(Context);
        return;
    }

    // Access is granted: save information into cache (not shown) and let the page run.
    // NOTE(review): if what is cached is the permission decision, it presumably needs
    // a key that includes both the user and the page - confirm against the real code.
}
/// <summary>
/// Global.asax handler for the AuthenticateRequest event. It passes the
/// current request's context to the Security class.
/// </summary>
/// <param name="sender">The object that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Application_AuthenticateRequest(object sender, EventArgs e)
{
    // Requests handled by this application pass through the security check here.
    Security.AuthenticateAndAuthorize(this.Context);
}
2) Create Login.aspx page.
3) Modify Web.config in every Virtual Folder:
4) Create the "Security" class
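/// <summary>
/// Routes a request: unauthenticated callers are sent to the login page,
/// authenticated callers go through the permission check.
/// </summary>
/// <param name="Context">The current request's HTTP context.</param>
// NOTE(review): Global.asax calls this as Security.AuthenticateAndAuthorize(Context),
// which needs either a static method or a member named Security that holds an
// instance - confirm which one is intended.
// NOTE(review): confirm that requests for Login.aspx itself are not routed
// through this check, otherwise the redirect would repeat.
public void AuthenticateAndAuthorize(System.Web.HttpContext Context)
{
    // HttpContext.Current is static and cannot be reached through an instance;
    // the principal of this request is Context.User, and the keyword is null.
    // A non-null principal does not prove sign-in, because ASP.NET can attach
    // an anonymous principal, so IsAuthenticated is checked as well.
    if (Context.User == null || !Context.User.Identity.IsAuthenticated)
    {
        Authenticate(Context);
    }
    else
    {
        Authorize(Context);
    }
}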
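/// <summary>
/// Redirects an unauthenticated user to the login page, passing the page
/// that was requested in the ReturnUrl query-string parameter.
/// </summary>
/// <param name="Context">The current request's HTTP context.</param>
// NOTE(review): Login.aspx is not shown here; it should still confirm that
// ReturnUrl is a local path before redirecting to it after sign-in.
private void Authenticate(System.Web.HttpContext Context)
{
    // Pass only the site-relative path and query, so the login page is not
    // handed an absolute URL to send the browser to after sign-in.
    string strURL = Context.Request.Url.PathAndQuery;

    // Encode the value: a raw "?" or "&" inside it would be parsed as extra
    // parameters of the login request and would truncate or alter ReturnUrl.
    string strRedirectPath = "../Gen6/Login.aspx?ReturnUrl=" + Context.Server.UrlEncode(strURL);

    // true ends the response here, so the rest of the requested page does not run.
    Context.Response.Redirect(strRedirectPath, true);
}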
/// <summary>
/// Checks whether the authenticated user has permission to access the
/// current page, and sends the user to the login page when not.
/// </summary>
/// <param name="Context">The current request's HTTP context.</param>
private void Authorize(System.Web.HttpContext Context)
{
    // Step 1 (not shown): get the roles the user belongs to.
    // Step 2 (not shown): check whether at least one of those roles may access the current page.
    if (!PermissionIsGranted)
    {
        // Access is forbidden: redirect the user to the Login.aspx page.
        Authenticate(Context);
        return;
    }

    // Access is granted: save information into cache (not shown) and let the page run.
    // NOTE(review): if what is cached is the permission decision, it presumably needs
    // a key that includes both the user and the page - confirm against the real code.
}