954,560 Members — Technology Publication meets Social Media
Username:
Password:
Lost login information?
Have something to say? Contribute New Article Reply to this Article
2 Years Ago
0

Forms Authentication

WEB.CONFIG FIlE

<?xml version="1.0"?>
<configuration>
    <appSettings/>
    <connectionStrings/>
    <system.web>
      <authentication mode ="Forms">
        <forms loginUrl="FrmLogin.aspx" protection="All" >
          <credentials passwordFormat="Clear">
            <user name="sonia" password="citm123"/>
            <user name="soni"  password="citm123" />
            <user name="muru" password="citm1234"/>
          </credentials>
        </forms>
      </authentication>
      <authorization>
       <allow users="sonia"/>
        <allow users ="soni"/>
        <deny users="muru"/>
         </authorization>
      <compilation debug="true"/>
         </system.web>
</configuration>

FRMLOGIN.aspx

protected void btnLogin_Click(object sender, EventArgs e)
    {
        if (FormsAuthentication .Authenticate(txtUserName .Text ,txtPassword .Text ))
        {
         FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, true);

          Response.Redirect("FrmWelcome.aspx?username=" + txtUserName.Text  );
        }

    }


FRMWELCOME.aspx

protected void Page_Load(object sender, EventArgs e)
    {
       
            lblUserName.Text = Request.QueryString["username"].ToString();  

               
    }

Suppose i enter sonia in username & citm123 in password. I will be redirected to FrmWelcome. Suppose now the user copies the URL of FrmWelcome & open in other window,i want that the user is navigated to FrmLogin. How to do it.Using Cookies??? Can somebody help me out!

sonia sardana
Posting Whiz
326 posts since Mar 2008
Reputation Points: 0
Solved Threads: 8
 
2 Years Ago
0

You are only denying access to the user 'muru'. It means that users other than 'muru' can access the application anonymously.

If you want to prevent the users to access the FrmWelcom or other pages without login to the system, your web.config should be as below

<authorization>
     <allow users="sonia"/>
     <allow users="soni"/>
     <deny users="muru"/>
     <deny users="?"/>
</authorization>


The '?' in deny element prevents anonymous access to the resources.

Also the set the second argument in the statement FormsAuthentication.RedirectFromLoginPage to false.

FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, false);

Setting true will create a durable cookie (one that is saved across browser sessions). Therefore you need to set it as false.

Ramesh S
Posting Pro
583 posts since Jun 2009
Reputation Points: 165
Solved Threads: 113
 

This article has been dead for over three months

Post: Markdown Syntax: Formatting Help
You
 
© 2012 DaniWeb® LLC
Home | About Us | Contact Us | Terms of Service | Advertising Opportunities
RSS Feed RSS Feed