ASP.NET / C#.NET / Authentication & Authorisation

Authentication & authorization:-

If you are beginner in web applications, then this is right time to feed the following topic.

Suppose you are going to develop a website (in ASP.NET), where there must be a process of authentication & authorization (authentication means that the user is valid or not & authorization means how much resources an authenticated user will enjoy).

There should be 3 types of users in your website:-

1. 1. Anonymous user
2. General user
3. Administrator

When an anonymous user requests for home page, following page will come(Login.aspx)

They can only view the website’s limited resources.

If he/she provide user name & password, then they will be authenticated users & the following page will be displayed(Default.aspx)

There will be Sign out option as they are logged in.

Again if they click in Sign out option, they get following page again (Login.aspx)

If anyone access website with Admin password, then following page (Default.aspx) will come with Sign out option & various more options exclusively unique for Administrator

The codes are very simple, try to understand the underlying technology.

You think in this way, that users are requesting for the home page (Default.aspx). If page is not authenticated then users get the Login.aspx page & users will see Login.aspx page as home page.

Codes under Default.aspx ,

protected void Page_Load(object sender, EventArgs e)

{

if (!Page.User.Identity.IsAuthenticated)

{

Server.Transfer("login.aspx");

}

else

{

lblStatus.Text = User.Identity.Name;

if (Page.User.IsInRole("adminrole"))

{

btnAdmin.Visible = true;

btnUpload_books.Visible = true;

btnUpload_papers.Visible = true;

btnCk_payments.Visible = true;

}

}

}

Codes under Login.aspx ,

using System.Data;

using System.Data.SqlClient;

string s1;

SqlConnection sqlCon;

SqlCommand command;

SqlDataReader reader;

protected void Page_Load(object sender, EventArgs e)

{

s1 = System.Configuration.ConfigurationManager.AppSettings.Get("con1");

sqlCon = new SqlConnection();

sqlCon.ConnectionString = s1;

}

protected void btnLogin_Click(object sender, EventArgs e)

{

if (sqlCon.State == ConnectionState.Open)

sqlCon.Close();

sqlCon.Open();

command = new SqlCommand();

command.Connection = sqlCon;

command.CommandType = System.Data.CommandType.StoredProcedure;

command.CommandText = "user_select";

command.Parameters.Add("@uid", System.Data.SqlDbType.VarChar, 20);

command.Parameters["@uid"].Value = txtUname.Text.ToString();

reader = command.ExecuteReader();

if (reader.Read())

{

if (reader["upasswd"].ToString() == txtUpasswd.Text.ToString())

{

FormsAuthentication.RedirectFromLoginPage(txtUname.Text, false);

}

else

{

lblWarn.Text = "Invalid Credentials; Please Try again";

}

}

}

Codes under web.config ,

<authentication mode="Forms">

<forms name="login" loginUrl="login.aspx" protection="All" timeout="30" />

authentication>

<authorization>

<allow users="admin"/>

<allow roles="adminrole"/>

<deny users="?"/>

authorization>

<anonymousIdentification enabled="true"/>

<roleManager enabled="true"/>

N.B. :- Here I have used name of Administrator ‘Admin’, if you like to give other name then write your own given name in tag.

Thank You…………….

Mail me at : partho.neo@gmail.com / partho.neo@indiatimes.com

Netbeans vs Eclipse

Eclipse vs NetBeans ...On which side are you on? Let us know which IDE you think is better and why.

Think of Java IDEs and two names that will come up are Eclipse and NetBeans. I have been using NetBeans for many years now and Eclipse has been a more recent addition to my Java armory. I have enjoyed working with both tools and as such don't have a clear favorite. I prefer NetBeans a little more than Eclipse as I have been using it longer and am more comfortable with it.

The thing I am most surprised about is how rapidly Eclipse has grown and how it has well and truly eclipsed NetBeans over the past year or so.

In the article: Migrating to Eclipse: A developer's guide to evaluating Eclipse vs. Netbeans, the author shows the differences between the two IDEs.

Just Eclipse or Eclipse in its WSAD avatar or MyEclipseIDE avatar is definitely good but hey..is it so good that nobody wants to be talk of NetBeans these days??? I haven't as yet tried out the new NetBeans 5.5 but I do hope it is very good. So that the competition between Eclipse and NetBeans stays fierce and there is no clear winner.

The end user gets two very good IDEs.

Java IDE comparison: Borland JBuilder Top

A comparison of 4 Java IDEs, from Borland, IBM, Oracle and Sun ranks them as follows:

• Borland JBuilder 2005 Enterprise tops with - ( 8.5 / 10 )
  
• IBM Rational Software Architect 6.0 - ( 8.3 / 10 )
  
• Oracle JDeveloper 10.1.3 - ( 8 / 10 )
  
• Sun Java Studio Enterprise 7 - ( 7.4 / 10 )

The article evaluates the four IDEs based on Features, Ease-of-use, Integration, Performance and Value.

To get more info click here