I've just started learning ASP.Net (VS2008) and have two questions concerning authentication and authorization.
I want to build a website where each users needs to login using a link on the top right of the page. After the login has succeeded, the username (and log off link) must be visible in each page of the website (a presume using masterpages must be used here)
How to I start creating this.
There are three kinds of users: Managers (full access), employees (limited access) and clients (very limited access). How do I implement authorization without having to make each webpage three times (ex.: A manager has full accesss to the articles-table, but a client has only read-access).