NCS Logo - Click for home page Northstar Developer Center
Selected Platform: All
RSS Subscriptions | About the Developer Center | Editorial Policy
Platforms
All Platforms
.NET Framework (1.x - 4.x)
Active Server Pages
ASP.NET
C#
SQL Server
VB.NET
Visual Basic

Keywords
.NET Data Types
.NET E-mail
.NET Events
.NET Functions
.NET Object Programming
.NET System.Configuration
.NET System.Diagnostics
.NET System.IO
.NET System.Net
.NET System.Net.Sockets
Active Data Objects
ASP Architecture
ASP Black Belt
ASP Built-in Functions
ASP Built-in Objects
ASP Debugging
ASP Performance
ASP Security
ASP Syntax
ASP.NET Authentication
ASP.NET Controls
ASP.NET Data Access
ASP.NET Features
ASP.NET Master Pages
ASP.NET Page Events
ASP.NET Security
ASP.NET ViewState
Atom
Certifications
COM, DCOM, COM+
Data Access
E-Mail
Errors
Exporting Data
HTML Tips
IIS
Object-Oriented Programming
RSS
SQL
Uncategorized ASP Tips
VB API Programming
VB Forms
VB Syntax
XML

Book Support
Visual Basic 6 Bible
ASP Bible
ASP Weekend Crash Course
ASP.NET At Work
Creating Web Services

Using Session Variables to Maintain Security

Written by Eric Smith, Northstar Computer Systems LLC

Depending on the application you have, you may need to enforce security on pages. However, you can't just check the person's login on one page and send them on their way. Instead, you'll need to make sure they have logged in on every page that you run. This isn't as hard as it sounds, trust me. After the user has logged in successfully, set a Session variable to True, as shown here: 
Session("IsLoggedIn") = True
On every page after that, call this CheckForLogin subroutine, which can be placed in a server-side include file to be added to every page. 
Sub CheckForLogin()
   If Not Session("IsLoggedIn") Then
      Response.Redirect "login.asp"
   End If
End Sub
If they haven't logged in, they are immediately bounced to the login page. Make sure you call this routine before showing any HTML, since the Response.Redirect has to be part of the HTTP header.

Keywords: [ Uncategorized ASP Tips ]

Publication Date: 7/1/1999