none
login aspx vb RRS feed

  • Question

  • Salut tout le monde

    j'ai un petit probleme
    je me sert d'un login pour lancer l'editeur d'une page weg
    Mais apres le login meme si on fermer l'editeur lors d'un click sur la fleche de retour page arriere
    ca retourne a la page ou mon editeur est ouvert sa cause un probleme de securité d'acces a ma page
    y a t'il un moyen de reparer ca un bout de code a ajouter 

    Merci
    BigDan
    lundi 1 mars 2010 20:11

Réponses

Toutes les réponses

  • Bonjour,

    Utilisez vous le moteur d'authentification d'ASP .NET ? Ou un moteur perso ?

    Cordialement
    Gilles TOURREAU - MVP C# - Architecte .NET/Consultant/Formateur
    lundi 1 mars 2010 21:10
    Modérateur
  • Bonjour Gilles

    Merci encore pour cette reponse rapide

    moteur perso basé sur asp.net

     

     

    il travail bien mais apres le login c est comme si il avait ouvert une autre page et de la les risque de securité  dumoin je crois qu'il y a risque parce que on peut cliquer sur le boutton de la page precedente et voila tout est full open meme pas besoint de password 

    <div id="Administration" style="width: 100%; border: dotted 0px Maroon; height: 135px !Important;margin:0px;">
    <table style="width: 100%;">
    <tr>
    <td colspan="2" style="background-color: #4b6c9e; color: White; padding: 5px; margin: 0px;"
    align="center">
    <asp:Label ID="Label1" runat="server" Text="Administration" Width="100%"></asp:Label>
    </td>
    </tr>
    <tr>
    <td>
    Utilisateur:
    </td>
    <td>
    <asp:TextBox ID="UserName" runat="server" Width="130px" />
    </td>
    </tr>
    <tr>
    <td>
    Mot de Passe:
    </td>
    <td>
    <asp:TextBox ID="Password" runat="server" TextMode="Password" Width="130px"></asp:TextBox>
    </td>
    </tr>
    <tr>
    <td align="left" style="width: 65%;">
    <asp:HyperLink ID="conn" Visible="false" Text="Modifier" NavigateUrl="~/CLogin.aspx"
    runat="server" Width="100%"></asp:HyperLink>
    </td>
    <td align="right" style="width: 35%;">
    <asp:Button ID="Login" runat="server" Text="Connecter" OnClick="Login_Click" />
    </td>
    </tr>
    <tr>
    <td colspan="2" align="center">
    <asp:Label ID="Erreur" Visible="false" BackColor="Maroon" ForeColor="White" runat="server" Text="Erreur de mot de passe, essayez de nouveau" Width="100%"></asp:Label>
    </td>
    </tr>
    </table>
    </div>

     

     



    Imports System
    Imports System.IO
    Imports System.Xml
    Imports System.Text
    Imports System.Security.Cryptography
    Imports System.Collections.Generic
    Imports System.Linq
    Imports System.Web
    Imports System.Web.UI
    Imports System.Web.UI.WebControls
    Partial Class site


    Inherits System.Web.UI.MasterPage
    Dim LoginStatus As Boolean = False
    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load If (Not File.Exists(Server.MapPath("App_Data/User.xml")).Equals(True)) Then CreateNewLogin() Exit Sub Else UserName.Focus() End If End Sub
    Protected Sub CreateNewLogin() Dim xmlDoc As New XmlDocument() ' Write down the XML declaration Dim xmlDeclaration As XmlDeclaration = xmlDoc.CreateXmlDeclaration("1.0", "utf-8", Nothing) ' Create the root element Dim rootNode As XmlElement = xmlDoc.CreateElement("Users") xmlDoc.InsertBefore(xmlDeclaration, xmlDoc.DocumentElement) xmlDoc.AppendChild(rootNode) ' Create a new <Category> element and add it to the root node Dim parentNode As XmlElement = xmlDoc.CreateElement("User") ' Set attribute name and value! 'parentNode.SetAttribute("ID", RCount++.ToString()); xmlDoc.DocumentElement.PrependChild(parentNode) ' Create the required nodes Dim TNode As XmlElement = xmlDoc.CreateElement("UserName") Dim PNode As XmlElement = xmlDoc.CreateElement("Password") ' retrieve the text Dim TNodeText As XmlText = xmlDoc.CreateTextNode(Encrypt("admin")) Dim PNodeText As XmlText = xmlDoc.CreateTextNode(Encrypt("admin")) ' append the nodes to the parentNode without the value parentNode.AppendChild(TNode) parentNode.AppendChild(PNode) ' save the value of the fields into the nodes TNode.AppendChild(TNodeText) PNode.AppendChild(PNodeText) ' Save to the XML file xmlDoc.Save(Server.MapPath("App_Data/User.xml")) End Sub
    Protected Sub Login_Click(ByVal sender As Object, ByVal e As EventArgs) Handles Login.Click Dim username As String Dim pwd As String Dim CurrentUser As String = "" Dim CurrentPwd As String = "" username = Me.UserName.Text pwd = Me.Password.Text Dim xd As New XmlDocument() xd.Load(Server.MapPath("App_Data/User.xml")) Dim xnl As XmlNodeList = xd.GetElementsByTagName("User") For Each xn As XmlNode In xnl Dim cxnl As XmlNodeList = xn.ChildNodes For Each cxn As XmlNode In cxnl If cxn.Name = "UserName" Then If cxn.InnerText = Encrypt(username) Then CurrentUser = username End If End If If cxn.Name = "Password" Then If cxn.InnerText = Encrypt(pwd) Then CurrentPwd = pwd End If End If Next If (CurrentUser <> "") And (CurrentPwd <> "") Then LoginStatus = True End If Next If LoginStatus = True Then Session("UserAuthentication") = username Session.Timeout = 10 Me.UserName.Text = "" Me.Password.Text = "" Else Me.Erreur.Visible = True Session("UserAuthentication") = "" Me.UserName.Text = "" Me.Password.Text = "" Me.UserName.Focus() End If End Sub
    Private Function Encrypt(ByVal pwd As String) As String Dim encoder As New UTF8Encoding() Dim sha1hasher As New SHA1CryptoServiceProvider() Dim hashedDataBytes As Byte() = sha1hasher.ComputeHash(encoder.GetBytes(pwd)) Return byteArrayToString(hashedDataBytes) End Function
    Private Function byteArrayToString(ByVal inputArray As Byte()) As String Dim output As New StringBuilder("") Dim i As Integer = 0 While i < inputArray.Length output.Append(inputArray(i).ToString("X1")) System.Math.Max(System.Threading.Interlocked.Increment(i), i - 1) End While Return output.ToString() End Function End Class


     

     desoler mais je sait pas pourquois c est si petit

     


    BigDan
    mardi 2 mars 2010 05:57
  • Bonjour,

     

    Vous pouvez consulter cet article MSDN pour voir les pas de creation d’un login avec ASP.NET

     

    Cordialement,

    Alex


    Alex Petrescu - MSFT
    vendredi 5 mars 2010 08:33