11 Years
Discussion Span
Last Post by Paladine

Have you tried creating a function that makes a call to the DB 'where UserName = ' & txtUserName.Text and return that value to a string variable you pass into the authentication.ticket method?


yes, it works with "Admin" hard coded in there, but i am new to .net and still learning everything. Looking at that code, I don't know how to get my stored proceedure to return the users role. I tried writing another one, but it didn't work out to well. I guess this just comes down to writing a query and converting the results to a string and then inserting them into that ticket.


Thanks for at least trying to help, but some of the people at aspmessageboard.com helped me out after i took your advice.

Here is the code that made it all work for me. This goes in the login page;

Sub Button_Click(ByVal a As Object, ByVal e As EventArgs)
        If IsValid Then
            'load stored procedure DBAuthenticate
            If DBAuthenticate(txtUsername.Text, txtPassword.Text) > 0 Then
                [B]Dim conRoles As SqlConnection
                Dim cmdSelectRoles As SqlCommand
                Dim dtrRoles As String

                conRoles = New SqlConnection("Server=INTRANET;uid=sa;database=safety_training")
                cmdSelectRoles = New SqlCommand("SELECT g.name FROM dbo.Groups g WHERE g.group_id IN (SELECT r.group_id FROM dbo.Roles r WHERE r.user_id IN (SELECT ui.user_id FROM dbo.User_Info ui WHERE ui.user_name=@username AND ui.password=@password))", conRoles)
                cmdSelectRoles.Parameters.AddWithValue("@username", txtUsername.Text)
                cmdSelectRoles.Parameters.AddWithValue("@password", txtPassword.Text)
                dtrRoles = cmdSelectRoles.ExecuteScalar[/B]

                'create authentication ticket
                objTicket = New FormsAuthenticationTicket(2, txtUsername.Text, DateTime.Now, DateTime.Now.AddMinutes(30), False, dtrRoles)

Now since I don't know how to get this page to redirect depending on the role of the user, I redirected to another page and had that page check the role of the user and then they are redirected to the page i want them to start out at.


Good work.

Just an FYI (understanding .NET, doesn't excuse from needing an understanding of SQL)


CREATE PROCEDURE sp_GetRole /* How it would appear in QUERY ANALYZER */
		@UserName VARCHAR(50) = NULL,
		@Password VARCHAR(50) = NULL,
		@Role VARCHAR(20) = NULL 
	SET @Role = (SELECT Role
	FROM UserTable /* or what you called you table with this data */
	WHERE UserName = @UserName AND Password = @Password)

Hope this helps!

Glad to see you found another option.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.