Reputation: 24670
Where to place authentication check in ASP.NET
I have some code used to determine if a user is logged in and I want to put this on every page in an ASP.NET website so that only logged in users can view it. The problem is that the site is split into multiple projects/solutions so maintaining the single piece of code might be hard.
I was thinking I could create a class that inherits for System.Web.UI.Page and overrides Page_Init, but that would require changing all pages so they inherit from new new class. Also I don't think this will work across projects.
So then I thought approaching the problem from a different side: using AOP. I have never used Aspects before but it looks like I could use PostSharp to write an Aspect that injects code before every Page_Init (or maybe Page_Load?). This might work as a quick solution but I might run into problems if I need a page to not perform the authentication check (available to everyone).
Just to clarify, I already have a login solution; I am just looking for a checking that login on each page.
Upvotes: 3
Views: 1044
Answers (4)
Reputation: 453
Since you seem to have your login solution handled and working, creating a class that overrides the page_init sounds like your best option. This can work across other projects by simply creating that class in a separate project that you can included in your other solution(s)... To be honest, that's the easiest way to span the logic across multiple projects.. This will also be easily maintained because you'd only have to update one location going forward.
If you are using MasterPages, you wouldn't have to hit all of the pages, you could just include it on specific MasterPage(s) and set all the pages you want authentication to use that MasterPage.
Upvotes: 1
Reputation: 1878
Look into HttpModules. The asp.net framework is already programmed so that a module runs on every page request, you just have to write it and add it to web.config.
http://msdn.microsoft.com/en-us/library/zec9k340(v=vs.71).aspx
EDIT: Here's a better link that demonstrates handling the BeginRequest event http://msdn.microsoft.com/en-us/library/ms227673(v=vs.85).aspx
Upvotes: 3
Reputation: 10588
Windows Identity Foundation can solve this for you. See http://msdn.microsoft.com/en-us/security/aa570351 for details on WIF. No need to reinvent the wheel. If you had only one Web application, Forms authentication would suffice.
Upvotes: 0
Reputation: 9092
As @jrummell mentioned, there's MembershipProvider which is a great option, but if you're creating custom login solition, check this link which has a pretty simple login implementation step by step
Upvotes: 1
Related Questions
- How to authenticate on ASP.NET
- Where is the best place to validate that a user is authenticated in asp.net mvc
- ASP.NET Authentication
- authentication in asp.net
- Asp.net authentication checks
- Where is the proper place to put this authentication logic?
- Need advises how to make authentication in asp.net
- ASP.NET authentication
- how to apply authentication
- ASP.NET authentication options