how to protect page in membership from logged out user in asp.net

Question

0.00/5 (No votes)

See more:

Hi

i am asp.net developer but membership is new for me i hv 60% knowledge of tht.
now the problem is i wanted to protect the page form user without login
ex. i hav made website with

1) login.aspx
2) logout.aspx
3) inbox.aspx

now without login user should not access inbox.aspx page like if user input page url in address bar or hit the page then he should be redirect to login page if user is not logged in.

C#

bool authenticated = User.Identity.IsAuthenticated;;
         string auth = authenticated.ToString();
         if (authenticated == true)
         {
             MembershipUser myObject = Membership.GetUser();
             //above syntax will return logged in current user 
         }
         else
         {
         //redirct to login page
         }

but its not looking safe to me, i wanted to use this concept in big website. plz if any body can suggest.

Please reply in c sharp with asp.net

Posted 9-Dec-10 14:19pm

desaihardikj@gmail.com

Updated 9-Dec-10 19:22pm

Toniyo Jackson

v3

Add a Solution

Comments

TheyCallMeMrJames 9-Dec-10 22:44pm

are you using asp.net mvc? all you have to do is put an attribute on the controller class (or method) to protect the views. it's literally 1/2 a line of code. -cheers

desaihardikj@gmail.com 10-Dec-10 1:05am

no, i am not using mvc? i dnt hv enough idea about mvc. :(

2 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

m@dhu · Answer 1 · 2010-12-09T19:15:00

Solution 1

These links might help you
Forms Authentication[^] and here[^]

Posted 9-Dec-10 19:15pm

m@dhu

Phaneendra Varanasi · Answer 2 · 2010-12-09T19:58:00

Hi,

Try to close the page cache using ...

C#

public static void DisablePage()
{
    //Used for disabling page caching
    HttpContext.Current.Response.Cache.SetExpires(DateTime.UtcNow.AddDays(-1));
    HttpContext.Current.Response.Cache.SetValidUntilExpires(false);
    HttpContext.Current.Response.Cache.SetRevalidation(HttpCacheRevalidation.AllCaches);
    HttpContext.Current.Response.Cache.SetCacheability(HttpCacheability.NoCache);
    HttpContext.Current.Response.Cache.SetNoStore();
}

call this method in Page_load event and

C#

DisablePage();
        if (Session["isLogged"] == null)
        {
            Response.Redirect("~/Default.aspx");
        }

If you are using Master-Page you can solve your problem.

Regards.