I am trying to implement FormsAuthentication in my asp.net website.
I am using VS-2005. The login page in my application is "Default.aspx" from this page I want to redirect the user to "FirstForm.aspx". However, if I type the address of the target page when in login page I am able to request this page without logging in.
I have added the following lines to my web.config
<authentication mode="Forms"> <forms name=".ASPXFORMSDEMO" loginUrl="Default.aspx" protection="All" path="~/" timeout="30" /> </authentication> <authorization> <deny users="?"/> <!--<allow users="*" />--> </authorization>
The code inside the login button eventhandler is as follows:-
ad = New Aranya_Data Dim code As Integer = ad.validateuser(txtuserid.Text, txtpwd.Text) 'need to implement forms authentication here If code = 0 Then FormsAuthentication.RedirectFromLoginPage(txtuserid.Text, False) Else Response.Redirect("~/Default.aspx") End If
Here the validateuser method is declared in class module Aranya_Data which is used to lookup the database and validate the userid and password and return 0 on successful validation.
When I request a page without logging the browser displays the pg and at the bottom it displays script error. On checking details says "Sys not defined at few places and syntax error at one place"
I have used an access database and put it inside 'App_Data' folder and the connection string is declared in web.config. Will using an access db make a diff?
Please let me know your valuable suggestion to resolve this issue as soon as possible
Thanks in adv,
Edited by sujimon: adding more details