There are many questions that I answer in asp.net forum. Here is/are some of them.
I have a page which can only be seen by the members…no guest can Access tht page …m using asp.net wid c# can i get an basic idea how do i redirect tht person to login page if they r not logged…and wid a condition tht if they r loggin already thn no need to show the loggin page they can directly access to the private page
Suppose you want restriction to the Page Member.aspx. In that case all you need to do to redirect the guest is : using a simple Authorization Rule in your web.config like this:
In such case, you compel your members to view the private page. There are several other options but it is one of the basica. Best of luck.
Require https to safeguard Windows Authentication credentials?
Basically the diffrence is in the usage of port. HTTP uses port 80 and when it is secured HTTP (HTTPS), the port is changed to 443. In case of Forms authentication there is an attribute called “requireSSL” which specifies whether Forms authentication should happen in a secure HTTPS. You may keep it true or false. See below:
It is strongly recommended that the loginUrl should be an SSL URL (https://) to keep secure credentials secure from prying eyes.
But all these things are applicable when it is only Forms authentication, The Windows operating system has a role system built into it. This Windows security group system is an ideal system to use when you are working with intranet-based applications where you might have all users already in defined roles. This, of course, works best if you have anonymous authentication turned off for your ASP.NET application, and you have configured your application to use Windows Authentication.
Best of luck.