Click here to Skip to main content
Click here to Skip to main content

Easy way to create secure ASP.NET login using Session

, 28 Nov 2007
Rate this:
Please Sign up or sign in to vote.
It an easy and secure way for begginer ASP.NET developer to create secure login WebForms using Sessions

Introduction

As an ASP.NET developer, I needed to create a secure login WebForm, but I also needed it to be easy to implement, not so complicated, and also accomplish the mission

Sessions

Sessions are a real important thing, that used in many things we can't even imagine. You can use sessions in passing variables between WebForms instead of query-strings when passing secure values, it can also be used to create secure, and easy login.

Defining our Sessions

In the file "Global.asax", We'll define our sessions in the function "Session_Start()"

protected void Session_Start(Object sender, EventArgs e)
{
     //The first Session "Logged" which is an indicator to the
     //status of the user
     Session["Logged"]="No";
     //The second Session "User" stores the name of the current user
     Session["User"]="";

     //The third Session "URL" stores the URL of the
     //requested WebForm before Logging In
     Session["URL"]="Default.aspx";
}

In the "Page_Load" of the Secured files, or the files which needed the user first to LogIn before seeing them, we add just check if the user is Logged or not.

private void Page_Load(object sender, System.EventArgs e)
{
    if(Session["Logged"].Equals("No"))
    {
         ....
    }
    else
    {
         ....
    }
}

In the "Login.aspx" file, I've made checking the UserName and password with a regular if condition, with no database usage. But this code can be modified easily to check the Username and Password from a table in a database

if(UserNametxt.Text.Trim()=="Abdallah" && Passwordtxt.Text.Trim()=="Fayez")
{
    ....
}

else
{
    ....
}

The Code is available to download, with a sample "Login.aspx", and "Default.aspx" WebForms which make it easier for you to modify the code in best shape for you.

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here

Share

About the Author

Abdallah Fayez
Software Developer (Senior)
United States United States
I'm working in software development since my childhood, I used Logo, Basic, qBasic, Fortran 77, Visual Basic, C, C++, finally C# and many various mainly web technologies

Comments and Discussions

 
Questionis it secure Pinmembertamdata t30-Apr-13 21:25 
hi all
its a possible way . but is it secure to use session for check in another page?
session hijackers is in Ambush!
what is your solution to prevent it?
AnswerRe: is it secure PinmemberAbdallah Fayez7-Jan-14 14:56 
GeneralVery Nice PinmemberVikZ9125-Mar-13 11:32 
GeneralMy vote of 5 Pinmembererhardeep17-Feb-12 3:26 
GeneralRe: My vote of 5 PinmemberAbdallah Fayez16-Dec-12 23:34 
Generalجزاك الله PinmemberMember 822963221-Jan-12 20:16 
GeneralRe: جزاك الله PinmemberAbdallah Fayez16-Dec-12 23:34 
GeneralCode to use a database to validate user PinmemberRosita5-Dec-07 12:02 
AnswerRe: Code to use a database to validate user PinmemberAbdallah Fayez30-Dec-07 11:12 
QuestionWhy can't we use <authorization> section of configuration file? PinmemberMember 39047285-Dec-07 4:51 
AnswerRe: Why can't we use <authorization> section of configuration file? [modified] PinmemberAbdallah Fayez30-Dec-07 10:32 
GeneralworksNice start PinmemberIslam Khalil Saber29-Nov-07 3:14 
GeneralRe: worksNice start PinmemberAbdallah Fayez29-Nov-07 3:20 
Generalallah 3alek Pinmemberel3omda28-Nov-07 6:31 
GeneralRe: allah 3alek PinmemberAbdallah Fayez29-Nov-07 3:22 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Mobile
Web04 | 2.8.141022.2 | Last Updated 28 Nov 2007
Article Copyright 2007 by Abdallah Fayez
Everything else Copyright © CodeProject, 1999-2014
Terms of Service
Layout: fixed | fluid