ASP.NET - Manual authentication system

Posted by Gal V on Stack Overflow See other posts from Stack Overflow or by Gal V
Published on 2010-06-08T07:50:08Z Indexed on 2010/06/08 7:52 UTC
Read the original article Hit count: 314

Filed under:

ASP.NET

|

authentication

|

forms-authentication

|

session-state

Hello all,

Wer'e developing an ASP.NET C# application, which will contain an authentication system that authenticates users in multiple levels (user, admin, super-admin, etc.).

Our idea is NOT to use the built in ASP.NET forms authentication feature. Our plan is to create a whole 'new' system for it- based on the Session object, and SQL database contains users' info such as username & password.

Is there any SERIOUS different between our idea to the Forms authentication feature?

What security risks do we take? How do we solve them?

Is this a good alternative for the forms authentication feature?

Thanks in advance !

© Stack Overflow or respective owner

Related posts about ASP.NET

Migrating ASP.NET MVC 1.0 applications to ASP.NET MVC 2 RTM

as seen on ASP.net Weblogs - Search for 'ASP.net Weblogs'
Note: ASP.NET MVC 2 RTM isn’t yet released! But this tool will help you get your ASP.NET MVC 1.0 applications ready for when it is! I have updated the MVC App Converter to convert projects from ASP.NET MVC 1.0 to ASP.NET MVC 2 RTM. This should be last the last major change to the MVC App Converter… >>> More
April 14th Links: ASP.NET, ASP.NET MVC, ASP.NET Web API and Visual Studio

as seen on ASP.net Weblogs - Search for 'ASP.net Weblogs'
Here is the latest in my link-listing blog series: ASP.NET Easily overlooked features in VS 11 Express for Web: Good post by Scott Hanselman that highlights a bunch of easily overlooked improvements that are coming to VS 11 (and specifically the free express editions) for web development: unit… >>> More
Use ASP.NET 4 Browser Definitions with ASP.NET 3.5

as seen on ASP.net Weblogs - Search for 'ASP.net Weblogs'
We updated the browser definitions files included with ASP.NET 4 to include information on recent browsers and devices such as Google Chrome and the iPhone. You can use these browser definition files with earlier versions of ASP.NET such as ASP.NET 3 Read More......(read more) >>> More
ASP.NET webforms + ASP.NET Ajax versus ASP.NET MVC and Ajax framework freedom

as seen on Stack Overflow - Search for 'Stack Overflow'
If given the choice, which path would you take? ASP.NET Webforms + ASP.NET AJAX or ASP.NET MVC + JavaScript Framework of your Choice Are there any limitations that ASP.NET Webforms / ASP.NET AJAX has vis-a-vis MVC? >>> More
ASP.NET MVC 2 Released

as seen on ASP.net Weblogs - Search for 'ASP.net Weblogs'
I’m happy to announce that the final release of ASP.NET MVC 2 is now available for VS 2008/Visual Web Developer 2008 Express with ASP.NET 3.5. You can download and install it from the following locations: Download ASP.NET MVC 2 using the Microsoft Web Platform Installer Download… >>> More

Related posts about authentication

Configuring Fed Authentication Methods in OIF / IdP

as seen on Oracle Blogs - Search for 'Oracle Blogs'
In this article, I will provide examples on how to configure OIF/IdP to map OAM Authentication Schemes to Federation Authentication Methods, based on the concepts introduced in my previous entry. I will show examples for the three protocols supported by OIF: SAML 2.0 SSO SAML… >>> More
windows authentication vs sql server authentication for asp.net forms authentication site

as seen on Stack Overflow - Search for 'Stack Overflow'
I have a database and a site having forms authentication. It is working fine with VS2008. This time, I am using "Trusted_connection =True". But when it is opened from outside or directly from browser then I am getting error "Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'." I know this is due… >>> More
Disable authentication on subfolder(s) of an ASP.NET app using windows authentication

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, Is it possible to disable windows authentication on one or more subfolders of an ASP.net application using windows authentication? >>> More
AutoCompleteExtender - authentication failure (forms authentication)

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm using the AutoCompleteExtender from the AJAX control toolkit on my aspx page - I have it wired up to a WCF service that is returning a string array and everything works happily. If I change my service definition to include a demand for the caller to be authenticated, like so: <OperationContract()… >>> More
Ruby on Rails , functionalities having twitter authentication and email authentication (autlogic and

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi Experts, I would like to ask your guidance on how to authenticate using email add/ the basic log-in while having also a twitter log-in, twitter authentication works fine but if having an alternative log-in like using basic sign-up and email log-in part wont work.... any ideas please...? >>> More