How to stop the direct access in the web application by entering the url.

Posted by Er.deepakdalal under Regular Expressions on 4/21/2010 | Views : 6393 | Status : [Member] | Replies : 5
Hi All

I am designing a web application in the ASP.Net 3.5 with C# can anybody help me out that how i am stop direct access in the application by entering the next page url. For example My front page url is http://www.firstproject.com, here i am authenticating user and the next page url is http://www.firstproject.com/Home.aspx but user can directly access the next page by changing in the url. Please explain in the detail.




Responses

Posted by: Vuyiswamb on: 4/21/2010 [Member] [MVP] [Administrator] NotApplicable

Up
0
Down
In your page load add the following code


if (Session["Username"] != null)
{
//then the page do be opened to a user
}
else
{
//This is an invalid user send the user to the login page
response.redirect("login.aspx",false);
}


This method works if you have an existing login system that you have created. You can get the Username from the successfull login.

Thank you for posting at dotnetfunda

Vuyiswa Maseko

Thank you for posting at Dotnetfunda
[Administrator]

Er.deepakdalal, if this helps please login to Mark As Answer. | Alert Moderator

Posted by: Syedshakeer on: 4/21/2010 [Member] Starter

Up
0
Down
Hi deepak. As per vuyiswamb code you can stop the direct url accessible.

Syed Shakeer Hussain

Er.deepakdalal, if this helps please login to Mark As Answer. | Alert Moderator

Posted by: SurajRane on: 4/22/2010 [Member] Starter

Up
0
Down
Well if you are authenticating user and you are using forms authentication in your page then you can do it as below way.

Here if an unauthenticated user enter url of any page then it will be redirected to login page for Authentication.

after entering proper credentials he will be sent to requested page automatically.

private void AuthenticateUser(string UserName,string Password)

{
Page.Validate();
if (!Page.IsValid) { return; }
try
{
if (FormsAuthentication.Authenticate(UserName, Password))
{
//1.create ticket for authenticated user and add coockie to the response.
//2.if user is authenticated redirected user to requested page.
FormsAuthentication.RedirectFromLoginPage(UserName, false);
}
else
{
//show message Invalid Username or Password
}
}
catch
{
//show message Error occured while authenticating user.
}
}


Er.deepakdalal, if this helps please login to Mark As Answer. | Alert Moderator

Posted by: Pavanandey on: 4/22/2010 [Member] Bronze

Up
0
Down
do can do this in the preint event of the second page

void Page_PreInit(Object sender, EventArgs e)
{
if (Session["LoginID"] == null)
{
Respone.redirect("Login.aspx");
}
}

Thanks
Pavan Kumar
Mark Answer if this fits the need

Er.deepakdalal, if this helps please login to Mark As Answer. | Alert Moderator

Posted by: Naveenmanam on: 4/26/2010 [Member] Starter

Up
0
Down

if (FormsAuthentication.Authenticate(UserName, Password))

{

FormsAuthentication.RedirectFromLoginPage(UserName, false);

}

else

{

message Invalid Username or Password

}


NaveenKumar

Er.deepakdalal, if this helps please login to Mark As Answer. | Alert Moderator

Login to post response