Forms Authentication

Please support our ASP.NET advertiser: Intel Parallel Studio Home
Reply

Join Date: Mar 2008
Posts: 324
Reputation: sonia sardana has a little shameless behaviour in the past 
Solved Threads: 7
sonia sardana sonia sardana is offline Offline
Posting Whiz

Forms Authentication

 
0
  #1
Sep 29th, 2009
WEB.CONFIG FIlE
ASP.NET Syntax (Toggle Plain Text) 
  1. <?xml version="1.0"?>
  2. <configuration>
  3.     <appSettings/>
  4.     <connectionStrings/>
  5.     <system.web>
  6.       <authentication mode ="Forms">
  7.         <forms loginUrl="FrmLogin.aspx" protection="All" >
  8.           <credentials passwordFormat="Clear">
  9.             <user name="sonia" password="citm123"/>
  10.             <user name="soni"  password="citm123" />
  11.             <user name="muru" password="citm1234"/>
  12.           </credentials>
  13.         </forms>
  14.       </authentication>
  15.       <authorization>
  16.        <allow users="sonia"/>
  17.         <allow users ="soni"/>
  18.         <deny users="muru"/>
  19.          </authorization>
  20.       <compilation debug="true"/>
  21.          </system.web>
  22. </configuration>


FRMLOGIN.aspx
ASP.NET Syntax (Toggle Plain Text) 
  1.  protected void btnLogin_Click(object sender, EventArgs e)
  2.     {
  3.         if (FormsAuthentication .Authenticate(txtUserName .Text ,txtPassword .Text ))
  4.         {
  5.          FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, true);
  6.  
  7.           Response.Redirect("FrmWelcome.aspx?username=" + txtUserName.Text  );
  8.         }
  9.  
  10.     }

FRMWELCOME.aspx
ASP.NET Syntax (Toggle Plain Text) 
  1.  protected void Page_Load(object sender, EventArgs e)
  2.     {
  3.  
  4.             lblUserName.Text = Request.QueryString["username"].ToString();  
  5.  
  6.  
  7.     }


Suppose i enter sonia in username & citm123 in password. I will be redirected to FrmWelcome. Suppose now the user copies the URL of FrmWelcome & open in other window,i want that the user is navigated to FrmLogin. How to do it.Using Cookies??? Can somebody help me out!
Reply With Quote Quick reply to this message  
Join Date: Jun 2009
Posts: 449
Reputation: Ramesh S will become famous soon enough Ramesh S will become famous soon enough 
Solved Threads: 82
Ramesh S Ramesh S is offline Offline
Posting Pro in Training

Re: Forms Authentication

 
0
  #2
Sep 30th, 2009
You are only denying access to the user 'muru'. It means that users other than 'muru' can access the application anonymously.

If you want to prevent the users to access the FrmWelcom or other pages without login to the system, your web.config should be as below
ASP.NET Syntax (Toggle Plain Text) 
  1. <authorization>
  2.      <allow users="sonia"/>
  3.      <allow users="soni"/>
  4.      <deny users="muru"/>
  5.      <deny users="?"/>
  6. </authorization>

The '?' in deny element prevents anonymous access to the resources.

Also the set the second argument in the statement FormsAuthentication.RedirectFromLoginPage to false.

ASP.NET Syntax (Toggle Plain Text) 
  1.  FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, false);
Setting true will create a durable cookie (one that is saved across browser sessions). Therefore you need to set it as false.
Last edited by Ramesh S; Sep 30th, 2009 at 2:17 am.
Reply With Quote Quick reply to this message  
Reply

Quick Reply to Thread
Message:



Similar Threads
Other Threads in the ASP.NET Forum
Thread Tools Search this Thread



Tag cloud for ASP.NET
.net 2.0 activexcontrol advice ajax alltypeofvideos anathor asp asp.net bc30451 bottomasp.net browser button c# c#gridviewcolumn checkbox click commonfunctions confirmationcodegeneration courier css dataaccesslayer database datagridview datagridviewcheckbox datalist deadlock development dgv dropdownlist edit editing expose feedback flash form formatdecimal forms formview google grid gridview homeedition hosting iframe iis index javascript jquery list listbox login microsoft migration mono mouse mssql multistepregistration news numerical object objects panelmasterpagebuttoncontrols parent problem project radio reportemail richtextbox rotatepage save schoolproject search security session silverlight smartcard software sql-server sqlserver2005 suse textbox tracking unauthorized update validation vb.net video videos view virtualdirectory vista visualstudio web webapplications webdevelopemnt webprogramming webservice xml youareanotmemberofthedebuggerusers
About Us | Contact Us | Advertise | DaniWeb | Acceptable Use Policy | RSS Feed

©2003 - 2009 DaniWeb® LLC