Ad:

ASP.NET Discussion Thread
Marked Solved
Views: 276853

You are currently viewing page 1 of this multi-page discussion thread

May 14th, 2004

Simple ASP.Net Login Page (Using VB.Net)

Expand Post »

This is sample code for a ASP.Net Login page (using Visual Basic.Net code behind) with OleDB connection to an Access Database using ADO.Net.

The datebase used is the Access Northwind Database. With the connection string being placed in the web.config file.

1. Web Config File code:

ASP.NET Syntax (Toggle Plain Text)
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
  <!--	|||||	Application Settings	|||||	-->
  <appSettings>
	<add key="strConn" value="Provider = Microsoft.Jet.OLEDB.4.0;Data Source=C:\Inetpub\wwwroot\Northwind.mdb;User ID=Admin;Password=;" />
  </appSettings>
  <system.web>
....
...
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
  <!--	|||||	Application Settings	|||||	-->
  <appSettings>
	<add key="strConn" value="Provider = Microsoft.Jet.OLEDB.4.0;Data Source=C:\Inetpub\wwwroot\Northwind.mdb;User ID=Admin;Password=;" />
  </appSettings>
  <system.web>
....
...

Authentication will be conducted by "forms" authentication set in the web.config file:

ASP.NET Syntax (Toggle Plain Text)
....
....
<!--  AUTHENTICATION 
          This section sets the authentication policies of the application. Possible modes are "Windows", 
          "Forms", "Passport" and "None"
 
          "None" No authentication is performed. 
          "Windows" IIS performs authentication (Basic, Digest, or Integrated Windows) according to 
           its settings for the application. Anonymous access must be disabled in IIS. 
          "Forms" You provide a custom form (Web page) for users to enter their credentials, and then 
           you authenticate them in your application. A user credential token is stored in a cookie.
          "Passport" Authentication is performed via a centralized authentication service provided
           by Microsoft that offers a single logon and core profile services for member sites.
    -->
    <!--	|||||	MY Authentication Setup	|||||	-->
    <authentication mode="Forms"> 
		<forms name="NWLogin" loginUrl="Login.aspx" />
	</authentication>
 
    <!--  AUTHORIZATION
....
....
<!--  AUTHENTICATION 
          This section sets the authentication policies of the application. Possible modes are "Windows", 
          "Forms", "Passport" and "None"

          "None" No authentication is performed. 
          "Windows" IIS performs authentication (Basic, Digest, or Integrated Windows) according to 
           its settings for the application. Anonymous access must be disabled in IIS. 
          "Forms" You provide a custom form (Web page) for users to enter their credentials, and then 
           you authenticate them in your application. A user credential token is stored in a cookie.
          "Passport" Authentication is performed via a centralized authentication service provided
           by Microsoft that offers a single logon and core profile services for member sites.
    -->
    <!--	|||||	MY Authentication Setup	|||||	-->
    <authentication mode="Forms"> 
		<forms name="NWLogin" loginUrl="Login.aspx" />
	</authentication>

    <!--  AUTHORIZATION

3. Login Page Creationg (HTML Side), with form validation controls, using a summary display for an controls not passing validation.:

ASP.NET Syntax (Toggle Plain Text)
<%@ Page Language="vb" AutoEventWireup="false" Codebehind="Login.aspx.vb" Inherits="NorthLogin.WebForm1"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
	<head>
		<title>Northwind Database Login</title>
		<meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR">
		<meta content="Visual Basic .NET 7.1" name="CODE_LANGUAGE">
		<meta content="JavaScript" name="vs_defaultClientScript">
		<meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema">
	</head>
	<body>
		<!-- |||||	Login Form	||||| -->
		<form id="frmlogin" method="post" runat="server">
			<asp:label id="lblMessage" runat="server" width="288px" font-bold="True" font-italic="True"
				font-size="Medium" forecolor="#C00000"></asp:label>
			<table id="mainTable" style="POSITION: absolute; TOP: 30%">
				<tr>
					<td>
						<table cellspacing="15" id="loginTable" style="BORDER-RIGHT: #6699cc solid; BORDER-TOP: #6699cc solid; FONT-WEIGHT: bold; LEFT: 30%; BORDER-LEFT: #6699cc solid; BORDER-BOTTOM: #6699cc solid; FONT-FAMILY: Sans-Serif; BACKGROUND-COLOR: lightgrey">
							<tr>
								<td><b>Login: </b>
								</td>
								<td>
									<asp:textbox id="txtUserName" runat="server" width="160px"></asp:textbox>
									<asp:requiredfieldvalidator runat="server" id="rvUserValidator" controltovalidate="txtUserName" errormessage="You must supply a Username!"
										display="None" />
								</td>
							</tr>
							<tr>
								<td><b>Password: </b>
								</td>
								<td>
									<asp:textbox id="txtPassword" runat="server" textmode="Password" width="160px"></asp:textbox>
									<asp:requiredfieldvalidator runat="server" id="rvPasswordValidator" controltovalidate="txtPassword" errormessage="Empty Passwords not accepted"
										display="None" />
								</td>
							</tr>
							<tr>
								<td align="center" colspan="2"><asp:button id="cmdSubmit" text="Submit" runat="server" borderstyle="Solid"></asp:button></td>
							</tr>
						</table>
					</td>
				</tr>
				<tr>
					<td>
						<table id="messageDisplay">
							<tr>
								<td><asp:validationsummary runat="server" displaymode="BulletList" id="Validationsummary1" width="472px" />
								</td>
							</tr>
						</table>
					</td>
				</tr>
			</table>
		</form>
		<!--	|||||	End of Form	|||||	-->
	</body>
</html>
<%@ Page Language="vb" AutoEventWireup="false" Codebehind="Login.aspx.vb" Inherits="NorthLogin.WebForm1"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
	<head>
		<title>Northwind Database Login</title>
		<meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR">
		<meta content="Visual Basic .NET 7.1" name="CODE_LANGUAGE">
		<meta content="JavaScript" name="vs_defaultClientScript">
		<meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema">
	</head>
	<body>
		<!-- |||||	Login Form	||||| -->
		<form id="frmlogin" method="post" runat="server">
			<asp:label id="lblMessage" runat="server" width="288px" font-bold="True" font-italic="True"
				font-size="Medium" forecolor="#C00000"></asp:label>
			<table id="mainTable" style="POSITION: absolute; TOP: 30%">
				<tr>
					<td>
						<table cellspacing="15" id="loginTable" style="BORDER-RIGHT: #6699cc solid; BORDER-TOP: #6699cc solid; FONT-WEIGHT: bold; LEFT: 30%; BORDER-LEFT: #6699cc solid; BORDER-BOTTOM: #6699cc solid; FONT-FAMILY: Sans-Serif; BACKGROUND-COLOR: lightgrey">
							<tr>
								<td><b>Login: </b>
								</td>
								<td>
									<asp:textbox id="txtUserName" runat="server" width="160px"></asp:textbox>
									<asp:requiredfieldvalidator runat="server" id="rvUserValidator" controltovalidate="txtUserName" errormessage="You must supply a Username!"
										display="None" />
								</td>
							</tr>
							<tr>
								<td><b>Password: </b>
								</td>
								<td>
									<asp:textbox id="txtPassword" runat="server" textmode="Password" width="160px"></asp:textbox>
									<asp:requiredfieldvalidator runat="server" id="rvPasswordValidator" controltovalidate="txtPassword" errormessage="Empty Passwords not accepted"
										display="None" />
								</td>
							</tr>
							<tr>
								<td align="center" colspan="2"><asp:button id="cmdSubmit" text="Submit" runat="server" borderstyle="Solid"></asp:button></td>
							</tr>
						</table>
					</td>
				</tr>
				<tr>
					<td>
						<table id="messageDisplay">
							<tr>
								<td><asp:validationsummary runat="server" displaymode="BulletList" id="Validationsummary1" width="472px" />
								</td>
							</tr>
						</table>
					</td>
				</tr>
			</table>
		</form>
		<!--	|||||	End of Form	|||||	-->
	</body>
</html>

4. The Code behind (in visual basic.net)

a. Imports:

ASP.NET Syntax (Toggle Plain Text)
Imports System.Web.Security '   |||||   Required Class for Authentication
Imports System.Data '   |||||   DB Accessing Import
Imports System.Data.OleDb   '   ||||||  Access Database Required Import!
Imports System.Configuration    '   ||||||  Required for Web.Config appSettings |||||
 
'   |||||   Connection String - XML coded in Web.Config
'   |||||   Remember to set the Security Settings in Windows on the MDB file for IUSR
Imports System.Web.Security '   |||||   Required Class for Authentication
Imports System.Data '   |||||   DB Accessing Import
Imports System.Data.OleDb   '   ||||||  Access Database Required Import!
Imports System.Configuration    '   ||||||  Required for Web.Config appSettings |||||

'   |||||   Connection String - XML coded in Web.Config
'   |||||   Remember to set the Security Settings in Windows on the MDB file for IUSR

b. Add the code for the button click event (in this case cmdSubmit button):

ASP.NET Syntax (Toggle Plain Text)
Private Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
        '   |||||   Put user code to initialize the page here
    End Sub
 
    Private Sub cmdSubmit_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles cmdSubmit.Click
        If Page.IsValid Then
            '   |||||   Connect to Database for User Validation |||||
            If DBConnection(txtUserName.Text, txtPassword.Text) Then
                FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, False)  '   |||||   default.aspx Page!
 
            Else
                '   |||||   Credentials are Invalid
                lblMessage.Text = "Invalid Login!"
            End If
        End If
    End Sub
Private Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
        '   |||||   Put user code to initialize the page here
    End Sub

    Private Sub cmdSubmit_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles cmdSubmit.Click
        If Page.IsValid Then
            '   |||||   Connect to Database for User Validation |||||
            If DBConnection(txtUserName.Text, txtPassword.Text) Then
                FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, False)  '   |||||   default.aspx Page!

            Else
                '   |||||   Credentials are Invalid
                lblMessage.Text = "Invalid Login!"
            End If
        End If
    End Sub

c. Write the code for the DBConnection Subroutine - Beginning with variable creation, and obtaining the connection string from web.config:

ASP.NET Syntax (Toggle Plain Text)
 '   |||||   Declare Required Variables
        '   |||||   Access appSettings of Web.Config for Connection String (Constant)
        Dim LoginSQL As String
        Dim MyConn As OleDbConnection = New OleDbConnection(ConfigurationSettings.AppSettings("strConn"))
 '   |||||   Declare Required Variables
        '   |||||   Access appSettings of Web.Config for Connection String (Constant)
        Dim LoginSQL As String
        Dim MyConn As OleDbConnection = New OleDbConnection(ConfigurationSettings.AppSettings("strConn"))

d. Withing DBConnection Subroutine :

ASP.NET Syntax (Toggle Plain Text)
'   |||||   Create a OleDb Command Object
'   |||||   Pass in the SQL String and Connection Object related to SQL String.
'   |||||   Passing in SQL string and Connection Obj to the OleDbCommand Constructor
 
'   |||||   Create a OleDb Command Object
'   |||||   Pass in the SQL String and Connection Object related to SQL String.
'   |||||   Passing in SQL string and Connection Obj to the OleDbCommand Constructor

ASP.NET Syntax (Toggle Plain Text)
'   |||||   Pass in Stored procedure
'   |||||   Set CommandType to Stored Procedure
Dim MyCmd As New OleDbCommand("sp_ValidateUser", MyConn)
MyCmd.CommandType = CommandType.StoredProcedure
 
'   |||||   Create Parameter Objects for values passed in
Dim objParam1, objParam2 As OleDbParameter
 
'   |||||   Pass in Stored procedure
'   |||||   Set CommandType to Stored Procedure
Dim MyCmd As New OleDbCommand("sp_ValidateUser", MyConn)
MyCmd.CommandType = CommandType.StoredProcedure

'   |||||   Create Parameter Objects for values passed in
Dim objParam1, objParam2 As OleDbParameter

***Note*** The SQL Stored Procedure in Access is :

ASP.NET Syntax (Toggle Plain Text)
SELECT Count(*) as Num_of_Users FROM tblUsers WHERE u_Name = @UserName AND u_Password = @Password;
SELECT Count(*) as Num_of_Users FROM tblUsers WHERE u_Name = @UserName AND u_Password = @Password;

Continue in DBConnection Subroutine :

ASP.NET Syntax (Toggle Plain Text)
'   |||||   Add the parameters to the parameters collection of the
'   |||||   command object, and set their datatypes (OleDbType in this case)
objParam1 = MyCmd.Parameters.Add("@UserName", OleDbType.Char)
objParam2 = MyCmd.Parameters.Add("@Password", OleDbType.Char)
'   |||||   Set the direction of the parameters...input, output, etc
objParam1.Direction = ParameterDirection.Input
objParam2.Direction = ParameterDirection.Input
'   |||||   Set the value(s) of the parameters to the respective source controls
objParam1.Value = txtUserName.Text
objParam2.Value = txtPassword.Text
 
'   |||||   Try, catch block!
    Try
       '   |||||   Check if Connection to DB is already open, if not, then open    a      connection
        If MyConn.State = ConnectionState.Closed Then
        '   |||||   DB not already Open...so open it
            MyConn.Open()
        End If
 
        '   |||||   Create OleDb Data Reader
        Dim objReader As OleDbDataReader
        objReader = MyCmd.ExecuteReader(CommandBehavior.CloseConnection)
        '   |||||   Close the Reader and the Connection Closes with it
 
        While objReader.Read()
           If CStr(objReader.GetValue(0)) <> "1" Then
               lblMessage.Text = "Invalid Login!"
           Else
               objReader.Close()   '   |||||   Close the Connections & Reader
               Return True
           End If
 
        End While
   Catch ex As Exception
            lblMessage.Text = "Error Connecting to Database!"
   End Try
 
 
End Function
'   |||||   Add the parameters to the parameters collection of the
'   |||||   command object, and set their datatypes (OleDbType in this case)
objParam1 = MyCmd.Parameters.Add("@UserName", OleDbType.Char)
objParam2 = MyCmd.Parameters.Add("@Password", OleDbType.Char)
'   |||||   Set the direction of the parameters...input, output, etc
objParam1.Direction = ParameterDirection.Input
objParam2.Direction = ParameterDirection.Input
'   |||||   Set the value(s) of the parameters to the respective source controls
objParam1.Value = txtUserName.Text
objParam2.Value = txtPassword.Text

'   |||||   Try, catch block!
    Try
       '   |||||   Check if Connection to DB is already open, if not, then open    a      connection
        If MyConn.State = ConnectionState.Closed Then
        '   |||||   DB not already Open...so open it
            MyConn.Open()
        End If

        '   |||||   Create OleDb Data Reader
        Dim objReader As OleDbDataReader
        objReader = MyCmd.ExecuteReader(CommandBehavior.CloseConnection)
        '   |||||   Close the Reader and the Connection Closes with it

        While objReader.Read()
           If CStr(objReader.GetValue(0)) <> "1" Then
               lblMessage.Text = "Invalid Login!"
           Else
               objReader.Close()   '   |||||   Close the Connections & Reader
               Return True
           End If

        End While
   Catch ex As Exception
            lblMessage.Text = "Error Connecting to Database!"
   End Try


End Function

Voila, compile and run. Hopefully the comments in and outside of the code give you enough of an idea on how to customize this code for your needs.

Happy coding folks! :lol:

Similar Threads

Simple ASP.Net Login Page using C# in C#
Updated : Simple ASP.Net Login Page in ASP.NET

Paladine

Team Colleague

Reputation Points: 211

Solved Threads: 27

Master Poster

Offline

793 posts
since Feb 2003

Permalink

May 16th, 2004

Good job

Once again Paladine buddy, you've done a great job. Congrats man, good code.

Slade

Reputation Points: 115

Solved Threads: 7

Practically a Master Poster

Offline

633 posts
since Mar 2004

Permalink

May 16th, 2004

Re: Simple ASP.Net Login Page (Using VB.Net)

Thanks Slade. I just hope someone can put the code to good use.

I plan to upgrade this code to a moderate level of knowledge, by creating a Login User Customizable control that can be dropped into any page where it is needed. But that won't be a few weeks at least.

Paladine

Team Colleague

Reputation Points: 211

Solved Threads: 27

Master Poster

Offline

793 posts
since Feb 2003

Permalink

May 19th, 2004

Re: Simple ASP.Net Login Page (Using VB.Net)

Just a reminder to the new ASP.NET Programmers: your web.config file is case-sensitive, so be careful copying the text

Tekmaven

Moderator

Reputation Points: 322

Solved Threads: 28

The C# Man, Myth, Legend

Offline

914 posts
since Feb 2002

Permalink

Jul 12th, 2004

Re: Attempts

A small addition to this code, which will allow the application to monitor the number of attempts at a login before granting or denying access.

a. Modify the Global.asax Session_Start method:

(Toggle Plain Text)

Sub Session_Start(ByVal sender As Object, ByVal e As EventArgs)
        '<summary>
        '   |Fires when the session is started
        '   |Administrator will only be allowed a certain number of login attempts
        '</summary>
        Session("Num_of_Tries") = 3
        Session("LoginCount") = 0

        '   |Track whether they're logged in or not
        Session("Logged_IN") = "No"
End Sub

b. Add the code for the button click event (in this case cmdSubmit button): - Revised!

(Toggle Plain Text)

Private Sub cmdSubmit_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles cmdSubmit.Click
        If Page.IsValid Then    '   ||||| Meaning the Control Validation was successful!
            '   |||||   Connect to Database for User Validation |||||
            Dim intMaxLoginAttempts = CInt(Session("Num_of_Tries"))

            If DBConnection(txtUserName.Text.Trim(), txtPassword.Text.Trim()) Then
                Session("Logged_IN") = "Yes"    '   |||||   Use to Validate on other pages in the application
                FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, False)  '   |||||   default.aspx Page!
            Else
                '   |||||   Credentials are Invalid
                lblMessage.Text = "Invalid Login!"
                '   |||||   Increment the LoginCount (attempts)
                Session("LoginCount") = CInt(Session("LoginCount")) + 1
                '   |||||   Determine the Number of Tries
                If Session("LoginCount").Equals(intMaxLoginAttempts) Then
                    Response.Redirect("Denied.aspx")
                End If

            End If
        End If
End Sub

c. Validate login on other pages in the application - Add to Page_Load Event

(Toggle Plain Text)

Private Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
        '   <summary>
        '   |||||   Authenicate user for accces to pages within application
        '   |||||   Enusre the page can't be navigated to without
        '   |||||   user's being online and logged in.
        '   |||||   **Note: Logged_IN session object is created in Session_Start 
        '   |||||   of the Global.asax file **
        '   </summary>

        '   |Do not allow caching of page
        Response.Cache.SetCacheability(HttpCacheability.NoCache)
        If Session("Logged_IN").Equals("No") Then
            Response.Redirect("Login.aspx")
        End If

Happy coding

Paladine

Team Colleague

Reputation Points: 211

Solved Threads: 27

Master Poster

Offline

793 posts
since Feb 2003

Permalink

Jul 16th, 2004

Re: Simple ASP.Net Login Page (Using VB.Net)

I am new to stored procedures in Access, infact I have been told that it could not be done. I have tried to create a query in sql view and named it sp_Check User, but I get an error that my app can not access the table or querry.

How do I create a stored procedure in Access?

Thanks,

JasonRCS

Reputation Points: 13

Solved Threads: 1

Newbie Poster

Offline

13 posts
since Jul 2004

Permalink

Jul 16th, 2004

Re: Simple ASP.Net Login Page (Using VB.Net)

Hi JasonRCS, I think I can help. Whom ever told you that Stored Procedures can not be done in access was completely wrong...well ok, maybe just a little wrong. Granted they look nothing like those done on SQL server, but they do function the same way.

In the above exercise this is the stored "procedure" I used.

ASP.NET Syntax (Toggle Plain Text)
SELECT COUNT(*) AS Num_of_User
FROM tblUser
WHERE (((tblUser.U_Name)=[@UserName]) AND ((tblUser.U_Password)=[@Password]));
SELECT COUNT(*) AS Num_of_User
FROM tblUser
WHERE (((tblUser.U_Name)=[@UserName]) AND ((tblUser.U_Password)=[@Password]));

That is exactly how it appears in the SQL view in Access. See here is why the person who said it wasn't possible was partly right.

As you don't really use the Create Procedure syntax as you would in SQL Server. But the principle is still the same.

Hope this helps.

Paladine

Team Colleague

Reputation Points: 211

Solved Threads: 27

Master Poster

Offline

793 posts
since Feb 2003

Permalink

Sep 15th, 2004

Re: Simple ASP.Net Login Page (Using VB.Net)

I'm a newbie. I have 8 years of access experience and had enough of it.
Can anyone put this code together in a folder in the correct files for me or at least tell me which codes go into which files? I just couldn't get it working.
Thanks in advance.

curiosity5

Reputation Points: 10

Solved Threads: 1

Newbie Poster

Offline

4 posts
since Sep 2004

Permalink

Sep 17th, 2004

Re: Simple ASP.Net Login Page (Using VB.Net)

I attached the two files.
I just renamed them to .txt for attachment.
I have login.aspx and web.config in a folder. It stopped at
Line 1: <%@ Page Language="vb" AutoEventWireup="false" Codebehind="Login.aspx.vb" Inherits="NorthLogin.WebForm1"%>

Please help!!

Attached Files

	login.txt (5.8 KB, 1608 views)
	web.txt (480 Bytes, 966 views)

curiosity5

Reputation Points: 10

Solved Threads: 1

Newbie Poster

Offline

4 posts
since Sep 2004

Permalink

Sep 17th, 2004

Re: Simple ASP.Net Login Page (Using VB.Net)

oh wait, i know what i did wrong. Let me try this again.

curiosity5

Reputation Points: 10

Solved Threads: 1

Newbie Poster

Offline

4 posts
since Sep 2004

Page 1
2
3
4
5
Next
Last

This thread is solved

Either the thread starter or a moderator has marked this thread as solved. You can most likely trust the responses and answers given. There is most likely no reason for any further responses to be posted here. If you have a related question, please start a new thread in this forum instead.

This thread is more than three months old

No one has posted to this discussion for at least three months. Please let old threads die and do not reply to them unless you feel you have something new and valuable to contribute that absolutely must be added to make the discussion complete. Otherwise, please start a new thread in this forum instead.

This thread is currently closed and is not accepting any new replies.

Previous Thread in ASP.NET Forum Timeline: ASP.Net Directory Problems

Next Thread in ASP.NET Forum Timeline: Ready to take up a challenge

DaniWeb Message

Cancel Changes

User Name
Password