bizzydint Posted June 20, 2003 Posted June 20, 2003 I've got to make some changes to an existing log-in system on our site and I havent got a clue how it currently hangs together. So simple question 1: Does anyone know of any good tutorials on that type of thing? A bit more detail Question 2 (just for wyrd ;)) Our site currently has a http:// url, which redirects the user to a https:// site, on which they tells us the username/password and we can log them into the main site. However, many search engines dont like to bookmark redirecting pages - and i'm not entirely sure they like secure (https) ones either (???) So we want to have the login box on the http page (with lots of other useful info that search engines will like) - which logs them into the main app on the https site. So how the hell do i do it? The obvious: Response.redirect("https://www.blah.com/home.aspx") loses the session information so the user just gets the login page again (but on the secure site instead!) The problem is that I dont currently understand how it all works, so any tutorial type stuff would be appreciated...(I'd really prefer not to paste code - seeing as i dont know enough to determine how much of it I could make public!!) cheers my dears ;) Quote Grant me the serenity to accept the things I cannot change, the courage to change the things I cannot accept and the wisdom to hide the bodies of those people I had to kill today cos they pi**ed me off.
Administrators PlausiblyDamp Posted June 20, 2003 Administrators Posted June 20, 2003 If you have a look at Forms authentication it allows you to redirect to a login page, and after the user is validated sends them to their original destination. Quote Posting Guidelines FAQ Post Formatting Intellectuals solve problems; geniuses prevent them. -- Albert Einstein
*Experts* mutant Posted June 20, 2003 *Experts* Posted June 20, 2003 You could look at this tutorial: http://www.csharpfriends.com/Articles/getArticle.aspx?articleID=70 Or Which I recommend the most, buy a book called ASP.NET Unleashed. That book is great. Quote
bizzydint Posted June 20, 2003 Author Posted June 20, 2003 cheers - seems useful.... i also managed to track down this: http://www.15seconds.com/issue/020220.htm which i thought was a good starting point! Only problem is that my boss has told me to stop working on this cos more important stuff has come up! dagnamit. But i'll have to come back to it, so if anyone can provide any more assistance, i would make my life much much simpler :) Quote Grant me the serenity to accept the things I cannot change, the courage to change the things I cannot accept and the wisdom to hide the bodies of those people I had to kill today cos they pi**ed me off.
wyrd Posted June 20, 2003 Posted June 20, 2003 I'm with mutant - ASP.NET Unleashed. Tutorials are okay I suppose, but I find books a much better resource, especially when it comes to answering questions quickly. http://www.amazon.com/exec/obidos/tg/detail/-/0672320681/qid=1056128907/sr=1-1/ref=sr_1_1/102-8623408-7558524?v=glance&s=books It covers security quite extensively (3 chapters), and also a chapter on user sessions. Click the "look inside" link on the URL above and check it out for yourself. Oh.. and there's also a few chapter in the back "Creating an Online Store" which may help you further with security and sessions. It's got 4/5 stars because 1) People whine that it doesn't cover C#, 2) People whine that it uses exclusively notepad and doesn't cover the .NET IDE, and 3) Some say there are errors in some of the code examples. Quote Gamer extraordinaire. Programmer wannabe.
*Experts* mutant Posted June 20, 2003 *Experts* Posted June 20, 2003 None of those points bother me :). I dont know why people lower the rating for things like that, but mostly because its not C#, its a VB book, instead of ranting the guy who said that should find another book :). :) :D Quote
bizzydint Posted June 23, 2003 Author Posted June 23, 2003 Just realised i hadnt read plausiblyDamp's post earlier and wanted to clarify..... I understand the "redirectFrom login" function (?) of Forms authentication. Seems useful. BUT - The problem is we want the login to be on the site home page which also contains lots of other useful info and links as well as marketing info for the site. So we want that page to get found by search engines etc. Therefore, if the user goes to that page first, what url would they get redirected to?? As for the book: might see if i can persuade the boss to get it for me :) Although, is this one just particularly good for the security stuff and there are other books that are better for the rest of the gumpf??? Quote Grant me the serenity to accept the things I cannot change, the courage to change the things I cannot accept and the wisdom to hide the bodies of those people I had to kill today cos they pi**ed me off.
*Experts* mutant Posted June 23, 2003 *Experts* Posted June 23, 2003 As for the book: might see if i can persuade the boss to get it for me :) Although, is this one just particularly good for the security stuff and there are other books that are better for the rest of the gumpf??? That book is 1400 pages full of great info. The author did a great job and I really recommend that book. It talks about many things, controls, cookies, authentication, ADO.NET and many more. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.