ASP.NET MVC with C#, MS Sql Server, MySQL Server: ASP.NET C# Session Variable

Sunday, January 9, 2011

ASP.NET C# Session Variable

You can make changes in the web.config. You can give the location path i.e the pages to whom u want to apply the security. Ex.

1) In first case the page can be accessed by everyone.
// Allow ALL users to visit the CreatingUserAccounts.aspx //
location path="CreatingUserAccounts.aspx">
system.web>
authorization>
allow users="*" />
/authorization>
/system.web>
/location>

2) in this case only admin can access the page
// Allow ADMIN users to visit the hello.aspx

location path="hello.aspx">
system.web>
authorization>
allow roles="ADMIN' />
deny users="*" />
/authorization>
/system.web>
/location>

OR

On the every page you need to check the authorization according to the page logic
ex:
On every page call this
if (session[loggeduser] !=null)
{
DataSet dsUser=(DataSet)session[loggeduser];
if (dsUser !=null && dsUser.Tables.Count>0 && dsUser.Tables[0] !=null && dsUser.Tables[0].Rows.Count>0)
{
if (dsUser.Table[0].Rows[0]["UserType"]=="SuperAdmin")
{
//your page logic here
}
if (dsUser.Table[0].Rows[0]["UserType"]=="Admin")
{
//your page logic here
}
}
}

ASP.NET MVC with C#, MS Sql Server, MySQL Server

Pages

Sunday, January 9, 2011

ASP.NET C# Session Variable

No comments: