c# - asp.net deny specific user cookie during login -


i'm trying deny specific user login in administrative area of system, after gets formsauthenticationticket expiration of 30 days now. i'm doing manually , i'm using asp.net webforms.

my login code follows:

protected void btnlogin_click(object sender, eventargs e) {     user u = logindataaccess.checklogin(txtemail.text, txtpassword.text);     if (u.id == 0)     {         lbinfo.text = "invalid credentials.";         lbinfo.cssclass = "label-warning";     }     else     {         logindataaccess.authenticate(u, response.cookies, cbrememberme.checked);     }             }

and logindataaccess.authenticate method this:

public static void authenticate(user user, httpcookiecollection cookies, bool remember) {     genericidentity gi = new genericidentity(user.name);     string role = userroles.getrole(user.roles);     genericprincipal gp = new genericprincipal(gi, new string[] { role });     formsauthentication.redirectfromloginpage(user.name, true);      if (remember)     {         cookies.clear();         datetime expirydate = datetime.now.adddays(30);         formsauthenticationticket ticket = new formsauthenticationticket(2, user.nome, datetime.now, expirydate, true, string.empty);         string encryptedticket = formsauthentication.encrypt(ticket);         httpcookie authenticationcookie = new httpcookie(formsauthentication.formscookiename, encryptedticket);         authenticationcookie.expires = ticket.expiration;         cookies.add(authenticationcookie);     } }

my check login method search database user. it's clear me need every time user starts session. how this?

if want inject custom authentication logic application, in global.asax create method called application_authenticaterequest. code there gets executed right after internal authentication mechanisms. 

protected void application_authenticaterequest(object sender, eventargs e) {     var context = httpcontext.current;      if (context.user != null && context.user.identity != null && context.user.identity.isauthenticated)     {         if (someclass.userisexpired(context.user))         {             // clear cookies or whatever need             // throw 401 deny access             throw new httpexception(401, "user account expired");         }     } }

see post detailed information on how authentication occurs:

authenticaterequest event


Comments

Post a Comment

Popular posts from this blog

java - WARN : org.springframework.web.servlet.PageNotFound - No mapping found for HTTP request with URI [/board/] in DispatcherServlet with name 'appServlet' -

this question has answer here: why spring mvc respond 404 , report “no mapping found http request uri […] in dispatcherservlet”? 3 answers i trying making simple bbs i'm encountering following error, warn : org.springframework.web.servlet.pagenotfound - no mapping found http request uri [/board/] in dispatcherservlet name 'appservlet' i have tried solve error many times, have failed. how can solve error? here web.xml, controllerand , servlet-context. my web.xml <?xml version="1.0" encoding="utf-8"?> <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xsi:schemalocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"> <filter> <filter-nam...
Read more

1111. appearing after print sequence - php -

morning, i have code takes string of shoe sizes, explodes , puts in table. code works , info displayed correctly on page after table there few 1's after table. i'm confused this. so table looks (in columns of 3 on webpage) available in following sizes: 3 4 5 6 9 10 111 here's codes, purpose of example $x = 3|4|6|10|9 function get_sizes_pipe($x) { $counter = 0; $splits = explode("|",$x); asort($splits); $x = print "<table class='greentable'>"; $x .= print "<thead><tr><th scope='col' colspan='3' abbr='starter'>available in following sizes:</th></tr></thead><tbody><tr>"; foreach ($splits $split) { $entry = print "<td>".$split."</td>"; if($counter == 2){ $entry .= print "</tr><tr>"; $counter =0; } else { $counter++; ...
Read more

android - How to create dynamically Fragment pager adapter -

i unable create dynamic layout each tabs, able create tabs dynamically constructor(public mypageradapter(fragmentmanager fm , int nooftabs)), coudn't inflate view each tabs creating each fragment should dyanmic. public class mypageradapter extends fragmentpageradapter { private final string[] titles = { "categories", "home", "top paid", "top free", "top grossing", "top new paid", "top new free", "trending" }; int nooftabs; **public mypageradapter(fragmentmanager fm , int nooftabs) { super(fm); this.nooftabs = nooftabs; }** /*public mypageradapter(fragmentmanager fm) { super(fm); }*/ @override public charsequence getpagetitle(int position) { return titles[position]; } @override public int getcount() { ...
Read more