How to restrict Users from seeing some Pages

Question

0.00/5 (No votes)

See more:

Hi Expert,

I am Uday Satardekar,
I am developing asp.net website.

In my website there are some pages like edit_user.aspx,add_new_user.aspx.

This facility available only for admin.

I store usertype in session.and checking like this,

if (Convert.ToInt64(Session["usertype"]) == 1)

Here 1 for admin and 2 for other user.

then how to restrict these pages from other user.

Posted 19-Oct-11 0:44am

udusat13

Updated 19-Oct-11 22:27pm

kiran dangar

v2

Add a Solution

2 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Mario Majčica · Accepted Answer · 2011-10-19T00:54:00

Well here you will find a nice tutorial that will guide you in implementing ASP.NET Membership, Roles and Profile provider.

http://www.4guysfromrolla.com/articles/120705-1.aspx[^]

Once you are using a technique like this, it is very easy to do so. Inside the folder that contains the pages that you would like to restrict the access just put in a proper web.config file specifying the access rights.

You can also take a look on this video.

http://www.asp.net/general/videos/lesson-9-securing-your-web-site-with-membership-and-login-controls[^]

Cheers

sravani.v · Accepted Answer · 2011-10-19T00:52:00

Solution 1

In Page load event of both edit_user.aspx and add_new_user.aspx pages

Write the code like this

if (Convert.ToInt64(Session["usertype"]) == 1)
{
//Write the code

}

else
{
//Put a message like "you are not Authorized to see these pages"
//or
//Redirect to login page
}

Posted 19-Oct-11 0:52am

sravani.v

Comments

udusat13 19-Oct-11 7:09am

Thanks for suggestion........

But for this code can i use (!IsPostBack) or i have directly insert it into page load....

AmarSinghRawat 20-Oct-11 5:35am

You can write it directly into page load. because may be if are changing any user role from admin to user or user to admin then it will reflect.