Best Practice for Checking if user is logged into application

G

Guest

Does anyone have suggestions on the best way to check if a user is logged
into asp.net web application?

We are not using forms authentication. We are authenticating our users
against active directory. I some people use the database to determine if a
user is logged in between web pages and check in the web forms.
 
G

Guest

When you say 'against active directory' .... is that Windows Authentication?

You can use the User.Identity class to obtain certain information about the
currently logged in user:

User.Identity.IsAuthenticated = [True|False]
User.Identity.Name = [<username>]
User.Identity.AuthenticationType = [Forms|Windows...]

You can setup forms authentication to authenticate against Active Directory,
which is my preferred method, because you can have a much more integrated and
themed login page (as opposed to Windows/Integrated authentication) and still
get AD-based credential authentication. Check out this link:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT02.asp

I've got a working version in VB.NET to post if you're not working in C#.

Andrew A. Willett
Tech Xero
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

What's the best practice in adjusting web interface according tomembership? 4
LoggedIn Event When Using Windows Authentication? 1
Windows authentication. 2
After gmail logs out, cannot go back through browser back button 6
Forms Authentication: How to distinguish between Idle-Session-Timeout and un-authenticated request? 5
HELP: ASPX Page "loses" login state after leaving & coming back 5
Serious issue: parts of my page render as not logged in, parts as logged in. Help! 1
Forms Authentication with AD storage for credentials. 2

Top