Last post Oct 31, 2008 06:22 AM by florim
Oct 29, 2008 08:15 PM|florim|LINK
I hawe a project where i keep my user information after he log in in Session and in every page i must check for example if the user have the right role to access that page.
private bool ChechUser()
CustomUser u = (CustomUser)Session["User"];
foreach (string str in u.Role.ListOfPages)
but tu hawe in mind that Login page dont nead to implemet that.
So how can i do this in HttpModule so i dont nead to put in every page exept for loginpage..
Oct 30, 2008 12:54 AM|ragsofblr|LINK
HTTPModule is best suited for such cases. You must have in mind that the HTTPModule gets executed for every request. So you need to make sure the code that you have for the access control executes at the right time. This should not be executing before login
or before the session information is established. To add the code as a HTTPModule you need to do the following
1)Create an assembly and have the above code there. This assembly should inherit from IHttpModule. Need to have a delegate for the event BeginRequest. In BeginRequest have the code required to be executed for every request.
2) Add (if you dont have it already) <httpModules></httpModules> in the Web.config file.
3) The add the custome assembly as a httpmodule as below
<add name="AccessControl" type="Your assembly"/>. This should be add in between the above mentioned 2 tags for httpmodule.
Oct 30, 2008 08:07 AM|florim|LINK
OK Thxks but now is problem that when i Check for user if is valid or not i must redirect to the page so if i do it in the HttpModule i vill stuck in Loop or im wrong.
Oct 31, 2008 12:32 AM|ragsofblr|LINK
I dont think you will end up in an infinite loop. When you see a user is not authorised to see a particular page you are going to redirect him to a particular page. This page has to the one that use has rights to see. So though the HttpModule gets executed
it will see that this user has rights to see this page and does not redirect.
Hope this makes sense.
Oct 31, 2008 06:22 AM|florim|LINK
Thanks Thanks.... i now what you mean....