Password Protecting Resources | ASP.NET MVC -

-

I am working on an asp.net mvc app, and I have some ideas that I want to protect passwords I am No method type in the form of a username / password. When a user tries to visit one of these protected pages, I want to keep them in the password. I came with a path to do this, I want to get some beliefs that this is a good way.

When a user arrives at a protected page, I am checking a dictionary stored in the session, if the page's ID is there and marked as unlock, then those pages can be viewed. If not, they will be directed to the unlock page, where they have to enter a password. After they enter valid passwords, this dictionary will update and they will be able to see the page.

Is it a legitimate approach or someone has a better idea?

Thanks

This is essentially a standard username / password form authentication It seems that the user name is shared between everyone / hardcod / users. Some thoughts:

  1. Do you want different passwords for different closed areas? If so, it looks like different roles for a user.
  2. What is your logic to not use a benchmark based user name / password solution (and potentially to determine the roles that have been unlocked)?
  3. It is believed that this is a public facing site, only a password is required, so that you have given a hacker a very easy target because now they do not have to use the username / password combo.
  4. Do you need someone like audit trails? A single password for many people in one area makes it potentially more complex for implementation.
  5. Maintenance - this is not a standard solution, so any other person who maintains it has to find out what you did and why.

I am sure there are some other important points in this, but nothing is coming at this time.


Comments

Post a Comment

Popular posts from this blog

oracle - The fastest way to check if some records in a database table? -

-
I have a big table to work with. I have to see that there are some records whose parent_id is equal to my passing value. Currently I do this by implementing "my_table using select count (*) where parent_id =: id"; If the result> 0, it means that they exist. Because this is a very large table, and I do not care what the actual number of records present, I just want to know if it exists, so I think count (*) Bit is disabled. How do I apply this requirement most quickly? I'm using Oracle 10. # Tips for Hibernation & amp; Tricks It suggests writing in such a way: Integer number = (integer) session .createQuery ("Select Count (*) to ...."). UniqueResult (); I do not know what is the magic of the unique rule? Why does it fast? To compare, select "1 from mytable where parent_id = passId and rowrum", which is more efficient? If you are not interested in the number of records, then there is an EXISTS query one: Select 'y'
Read more

php - multilevel menu with multilevel array -

-
Just ask someone to solve this problem? I want to create a multilevel menu I can not find the right solution generated with multilevel array, it always gets an array_push error My study came from the original idea But still my Can not match the need. This is my MySQL [code] ----- --------------------- --------------- | ID | PARENT_ID | Name | Link | Seq | 1 | 0 | Dashboad | Dashboard / | 1 | 2 | 0 | Menu 1 | Menu 1 / | 2 | 3 | 0 | Menu 2 | Menu 2 / | 3 | 4 | 0 | Menu 3 | Menu 3 / | 4 | 5 | 2 | Joint Add / | 1 | 6 | 3 | Joint Add / | 1 | 7 | 2 | Edit | Edit / | 2 | 8 | 4 | Joint Add / | 1 ------------------------------------------ [/ Code] I want to do something like this in my array array ('dashboard' = & gt; array ('id' = & gt; '' 'Dame' = & gt; 'Dashboard', 'Title' = & gt; 'Dashboard', 'MatchMin' = & gt; Base_URL (). 'Dashboard /', 'Active' => = & Gt; NULL), &
Read more

jQuery UI: Datepicker month format -

-
I am trying to change the format of the month that shows in the popup (not in the date that the picker actually I do not have any choice anywhere to do this, do I like to use a sub-string () or something else? What I normally display is Trying to change: Class = "ui-datepicker-title"> January & lt; / span & gt; ... & lt; / div & gt; Div>
Read more