EmployeeManagementWeb Practice Files


The Forms authentication exercise in this chapter secures a Web application named EmployeeManagementWeb. This application allows the user to view and edit her personal profile information. Like many real-world Web applications, it has a public section available to everyone and a secured section available only to authenticated and authorized users. The practice files are a fully functioning ASP.NET application; however, there is no security yet—the secured section is not secure! You’ll work on securing this part of the application in the first half of this chapter. The application consists of some classes and the four ASP.NET pages described in Table 4-2.

Table 4-2: ASP.NET Pages in the EmployeeManagementWeb Application

| Page | Description |
| --- | --- |
| default.aspx | The public, nonsecure welcome page from which users navigate to the myprofile.aspx page. |
| myprofile.aspx | The page for viewing profile information: first name, last name, full name, and bank account information. This page is fully functional except for the Log Out button, which does nothing. |
| editmyprofile.aspx | The page for updating profile information. This page is fully functional except for the Log Out button, which does nothing. |
| login.aspx | The login page. This page has the design layout for a login page, but does nothing yet. This is where you will be adding authentication logic. |

The practice files are hard-coded to view and edit profile information for RKing. Along with securing the application, you’ll change the pages to view and edit information for any logged-in user.
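One way the public/secured split in Table 4-2 can be expressed in web.config, shown as an added example and not the book's own configuration. It assumes all four pages sit in the application root; the timeout value is illustrative.

```xml
<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <system.web>
    <!-- Forms authentication: anonymous requests for a protected page
         are redirected to login.aspx. -->
    <authentication mode="Forms">
      <!-- protection="All" encrypts and validates the ticket cookie.
           timeout (minutes) is an assumed value. -->
      <forms loginUrl="login.aspx" protection="All" timeout="20" />
    </authentication>

    <!-- Application default: everyone allowed, so default.aspx stays public. -->
    <authorization>
      <allow users="*" />
    </authorization>
  </system.web>

  <!-- Secured section: "?" means anonymous users, who are denied here. -->
  <location path="myprofile.aspx">
    <system.web>
      <authorization>
        <deny users="?" />
      </authorization>
    </system.web>
  </location>

  <location path="editmyprofile.aspx">
    <system.web>
      <authorization>
        <deny users="?" />
      </authorization>
    </system.web>
  </location>
</configuration>
```

This only gates access to the two profile pages. Until the pages stop using the hard-coded RKing account, every authenticated user still sees and edits the same profile.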




Security for Microsoft Visual Basic .NET
ISBN: 735619190
EAN: N/A
Year: 2003
Pages: 168
