How to restrict administrator access without login

Question

0.00/5 (No votes)

See more:

I am writing code for log in functionality. I am able to login successfully but my problem is, when i directly call that adminhome.aspx page by url that is accessible directly.I want that should navigate to login page if someone is trying to directly access adminhome.aspx. I am using session variable for user LoginId.

Thanks & Regards
Nitin Kumar

Posted 30-Oct-12 20:41pm

Nitin Choudhary

Updated 30-Oct-12 21:11pm

Sandeep Mewara

v2

Add a Solution

2 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Kaushikhalvadiya · Answer 1 · 2012-10-30T21:04:00

Solution 2

In page load event of

adminhome.aspx

page write below code.
Make sure you have Abandoned session when uesr logout.

C#

if (Session["session_var"] == null || Convert.ToString(Session["session_var"]) == "")
{
           Response.Redirect("~/adminhome.aspx");
}

Posted 30-Oct-12 21:04pm

Kaushikhalvadiya

Updated 30-Oct-12 21:05pm

v2

OriginalGriff · Answer 2 · 2012-10-30T21:01:00

I am assuming that you are writing your own login system? If so, then providing such security is up to you, and it is a complicated thing, or requires you to explicitly check the authorisation in every single page load event.

The easy solution is to implement Membership: MSDN - Introduction to Membership[^] which lets the framework take the difficulty and allows you to set access levels by folder very easily.