ASP.NET C# Session Variable

Posted by SAMIR BHOGAYTA on Samir ASP.NET with C# Technology See other posts from Samir ASP.NET with C# Technology or by SAMIR BHOGAYTA
Published on 2011-01-09T09:14:00.001-08:00 Indexed on 2011/01/09 17:57 UTC
Read the original article Hit count: 415

You can make changes in the web.config. You can give the location path i.e the pages to whom u want to apply the security. Ex.

1) In first case the page can be accessed by everyone.
// Allow ALL users to visit the CreatingUserAccounts.aspx //
location path="CreatingUserAccounts.aspx">
system.web>
authorization>
allow users="*" />
/authorization>
/system.web>
/location>

2) in this case only admin can access the page
// Allow ADMIN users to visit the hello.aspx

location path="hello.aspx">
system.web>
authorization>
allow roles="ADMIN' />
deny users="*" />
/authorization>
/system.web>
/location>

OR

On the every page you need to check the authorization according to the page logic
ex:
On every page call this
if (session[loggeduser] !=null)
{
DataSet dsUser=(DataSet)session[loggeduser];
if (dsUser !=null && dsUser.Tables.Count>0 && dsUser.Tables[0] !=null && dsUser.Tables[0].Rows.Count>0)
{
if (dsUser.Table[0].Rows[0]["UserType"]=="SuperAdmin")
{
//your page logic here
}
if (dsUser.Table[0].Rows[0]["UserType"]=="Admin")
{
//your page logic here
}
}
}


© Samir ASP.NET with C# Technology or respective owner

Related posts about ASP.NET C# Session Variable