Hey all, I only want a few extra links to appear once authorized and not have the whole web app off limits by using deny users="?". I want it much the same as daniweb, the userCP link isn't visible until a user has logged in, how do I do this in VB .NET?

I got it working guys! and for your reference, I will show you the code.

My Web.Config:

<?xml version="1.0" encoding="utf-8" ?>
   <configuration>
   	<appSettings>
 		<add key="strSqlConnectionString" value="server=SLADE;database=sladesfaculty;"/>
 		<add key="strWebAdminEmail" value="slade@sladesfaculty.com" /> 		
   	  <add key="strWebDevEmail" value="ninjawatch@sladesfaculty.com" />	 
   	</appSettings>	
     <system.web>
   
   	<!--  DYNAMIC DEBUG COMPILATION
   		  Set compilation debug="true" to insert debugging symbols (.pdb information)
   		  into the compiled page. Because this creates a larger file that executes
   		  more slowly, you should set this value to true only when debugging and to
 		 false at all other times. For more information, refer to the documentation about
   		  debugging ASP.NET files.
   	-->
   	<compilation defaultLanguage="vb" debug="true" />
   
   	<!--  CUSTOM ERROR MESSAGES
 		 Set customErrors mode="On" or "RemoteOnly" to enable custom error messages, "Off" to disable. 
   		  Add <error> tags for each of the errors you want to handle.
   
   		  "On" Always display custom (friendly) messages.
   		  "Off" Always display detailed ASP.NET error information.
   		  "RemoteOnly" Display custom (friendly) messages only to users not running 
 		 on the local Web server. This setting is recommended for security purposes, so 
   		   that you do not display application detail information to remote clients.
   	-->
   	<customErrors mode="Off" />
   
   	<!--  AUTHENTICATION 
 		 This section sets the authentication policies of the application. Possible modes are "Windows", 
   		  "Forms", "Passport" and "None"
   
   		  "None" No authentication is performed. 
 		 "Windows" IIS performs authentication (Basic, Digest, or Integrated Windows) according to 
 		 its settings for the application. Anonymous access must be disabled in IIS. 
 		 "Forms" You provide a custom form (Web page) for users to enter their credentials, and then 
 		 you authenticate them in your application. A user credential token is stored in a cookie.
 		 "Passport" Authentication is performed via a centralized authentication service provided
 		 by Microsoft that offers a single logon and core profile services for member sites.
   	-->
   	<authentication mode="Forms">
   	<forms name="SFWeb" loginUrl="FacLogin.aspx" protection="All" path="/" timeout="30">
   	<credentials passwordFormat = "Clear">
   		<user name="Slade" password="test"/>
   		<user name="Scod" password="test"/>
   		<user name="Boonta" password="test"/>
   		<user name="Zorbskie" password="test"/>
   		<user name="Head_Hunter" password="test"/>
   	</credentials>
   	</forms>
   	</authentication>
   
   	<!--  AUTHORIZATION 
 		 This section sets the authorization policies of the application. You can allow or deny access
 		 to application resources by user or role. Wildcards: "*" mean everyone, "?" means anonymous 
   		  (unauthenticated) users.
   	-->
   	<authorization>
   		<allow users="*" /> <!-- Allow all users -->
   
 		 <!-- <allow	 users="[comma separated list of users]"
 							 roles="[comma separated list of roles]"/>
 				 <deny	 users="[comma separated list of users]"
 							 roles="[comma separated list of roles]"/>
   			-->
   	</authorization>
   
   	<!--  APPLICATION-LEVEL TRACE LOGGING
 		 Application-level tracing enables trace log output for every page within an application. 
 		 Set trace enabled="true" to enable application trace logging. If pageOutput="true", the
 		 trace information will be displayed at the bottom of each page. Otherwise, you can view the 
 		 application trace log by browsing the "trace.axd" page from your web application
   		  root. 
   	-->
 	<trace enabled="false" requestLimit="10" pageOutput="false" traceMode="SortByTime" localOnly="true" />
   
   
   	<!--  SESSION STATE SETTINGS
 		 By default ASP.NET uses cookies to identify which requests belong to a particular session. 
 		 If cookies are not available, a session can be tracked by adding a session identifier to the URL. 
   		  To disable cookies, set sessionState cookieless="true".
   	-->
   	<sessionState 
   			mode="InProc"
   			stateConnectionString="tcpip=127.0.0.1:42424"
   		    sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"
   			cookieless="false" 
   			timeout="20" 
   	/>
   
   	<!--  GLOBALIZATION
   		  This section sets the globalization settings of the application. 
   	-->
   	<globalization requestEncoding="utf-8" responseEncoding="utf-8" />
      
     </system.web>
   
   </configuration>

My Login VB code:

Imports System.Web.Security
   Public Class FacLogin
   	Inherits System.Web.UI.Page
   
   
   #Region " Web Form Designer Generated Code "
   
   	'This call is required by the Web Form Designer.
   	<System.Diagnostics.DebuggerStepThrough()> Private Sub InitializeComponent()
   
   	End Sub
   	Protected WithEvents Label1 As System.Web.UI.WebControls.Label
   	Protected WithEvents txtUser As System.Web.UI.WebControls.TextBox
   	Protected WithEvents vUserName As System.Web.UI.WebControls.RequiredFieldValidator
   	Protected WithEvents Label2 As System.Web.UI.WebControls.Label
   	Protected WithEvents txtPass As System.Web.UI.WebControls.TextBox
   	Protected WithEvents vUserPass As System.Web.UI.WebControls.RequiredFieldValidator
   	Protected WithEvents chkPersist As System.Web.UI.WebControls.CheckBox
   	Protected WithEvents cmdLogin As System.Web.UI.HtmlControls.HtmlInputButton
   	Protected WithEvents lblStatus As System.Web.UI.WebControls.Label
   	Protected WithEvents lblCurrentUser As System.Web.UI.WebControls.Label
   
   	'NOTE: The following placeholder declaration is required by the Web Form Designer.
   	'Do not delete or move it.
   	Private designerPlaceholderDeclaration As System.Object
   
   	Private Sub Page_Init(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Init
   		'CODEGEN: This method call is required by the Web Form Designer
   		'Do not modify it using the code editor.
   		InitializeComponent()
   	End Sub
   
   #End Region
   
   	Private Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
   		'Put user code to initialize the page here
   		'verify authentication
   		If User.Identity.IsAuthenticated Then
   			'display Credential information
 		 lblCurrentUser.Text = "Current User: <b>" & User.Identity.Name & "</b>" & _
 			 "<br>Authentication Used : <b>" & User.Identity.AuthenticationType & "</b>"
   
   		End If
   	End Sub
   	
   
   	Private Sub cmdLogin_ServerClick(ByVal sender As System.Object, ByVal e As System.EventArgs) _
    Handles cmdLogin.ServerClick
   		If FormsAuthentication.Authenticate(txtUser.Text, txtPass.Text) Then
 		 FormsAuthentication.RedirectFromLoginPage(txtUser.Text, chkPersist.Checked)
   		Else
   			lblStatus.Text = "Not Authenticated"
   			If CInt(ViewState("Tries")) > 1 Then
 				Response.Redirect("Denied.aspx")
   			Else
   			    ' Otherwise, increment number of tries.
   			    ViewState("Tries") = CInt(ViewState("Tries")) + 1
   			End If
   		End If
   
   		'Dim tkt As FormsAuthenticationTicket
   		'Dim cookiestr As String
   		'Dim ck As HttpCookie
   
   		'tkt = New FormsAuthenticationTicket(1, txtUser.Text, DateTime.Now(), _
   		'DateTime.Now.AddMinutes(30), chkPersist.Checked, "your custom data")
   		'cookiestr = FormsAuthentication.Encrypt(tkt)
   		'ck = New HttpCookie(FormsAuthentication.FormsCookieName(), cookiestr)
   
   		'If (chkPersist.Checked) Then ck.Expires = tkt.Expiration
   		'ck.Path = FormsAuthentication.FormsCookiePath()
   		'Response.Cookies.Add(ck)
   
   		'Dim strRedirect As String
   		'strRedirect = Request("ReturnURL")
   		'If strRedirect <> "" Then
   		'Response.Redirect(strRedirect, True)
   		'Else
   		'	strRedirect = "default.aspx"
   		'	Response.Redirect(strRedirect, True)
   		'End If
   		'Else
   		'Response.Redirect("FacLogon.aspx", True)
   		'End If
   
   		'If CInt(ViewState("Tries")) > 1 Then
   		'Response.Redirect("Denied.aspx")
   		'Else
   		' Otherwise, increment number of tries.
   		'	ViewState("Tries") = CInt(ViewState("Tries")) + 1
   		'End If
   
   	End Sub
   
   
   End Class

I'm not going to post any more because otherwise it's going to get too big but if you wanna know what I put in the header control or anything else, just ask.

Code looks good Slade, but it is 2:30am and I am not following it as well as I should. I want go through your discovery and see what it is all about tomorrow.

Good post!

lol, sorry about all the comments in there too, I was debugging and forgot to remove them before posting. I might wait until I'm fully finished the internal GUI before I post the code. ahhh what the hey, here's the header:

Imports System.Web.Security
  Imports sladesfaculty.header
  Public Class header
  	Inherits System.Web.UI.UserControl
  
  
  #Region " Web Form Designer Generated Code "
  
  	'This call is required by the Web Form Designer.
  	<System.Diagnostics.DebuggerStepThrough()> Private Sub InitializeComponent()
  
  	End Sub
  	Protected WithEvents imgHome As System.Web.UI.WebControls.ImageButton
  	Protected WithEvents imgForums As System.Web.UI.WebControls.ImageButton
  	Protected WithEvents imgGallery As System.Web.UI.WebControls.ImageButton
  	Protected WithEvents imgLinks As System.Web.UI.WebControls.ImageButton
  	Protected WithEvents imgMission As System.Web.UI.WebControls.ImageButton
  	Protected WithEvents imgMembers As System.Web.UI.WebControls.ImageButton
  	Protected WithEvents imgFacLogin As System.Web.UI.WebControls.ImageButton
  	Protected WithEvents lblTest As System.Web.UI.WebControls.Label
  
  	'NOTE: The following placeholder declaration is required by the Web Form Designer.
  	'Do not delete or move it.
  	Private designerPlaceholderDeclaration As System.Object
  
  	Private Sub Page_Init(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Init
  		'CODEGEN: This method call is required by the Web Form Designer
  		'Do not modify it using the code editor.
  		InitializeComponent()
  	End Sub
  
  #End Region
  
  	Private Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
  		'verify authentication
  		'Put user code to initialize the page here
  		'verify authentication
  		If Page.User.Identity.IsAuthenticated Then
  			'display Credential information
 		 lblTest.Text = "Current User:<b>&nbsp;" & Page.User.Identity.Name
  			   
  		End If
  
  		Dim currentpage As String
  		currentpage = Request.RawUrl
  		Select Case currentpage
  			Case "/sladesfaculty/default.aspx"
 			 imgHome.ImageUrl = "/sladesfaculty/Images/Navigation/homeactv.gif"
 			 imgForums.ImageUrl = "/sladesfaculty/Images/Navigation/foruminac.gif"
 			 imgGallery.ImageUrl = "/sladesfaculty/Images/Navigation/galryinac.gif"
 			 imgLinks.ImageUrl = "/sladesfaculty/Images/Navigation/lnksinac.gif"
 			 imgMission.ImageUrl = "/sladesfaculty/Images/Navigation/msninac.gif"
 			 imgMembers.ImageUrl = "/sladesfaculty/Images/Navigation/mbrsinac.gif"
  
  			Case "/sladesfaculty/Default.aspx"
 			 imgHome.ImageUrl = "/sladesfaculty/Images/Navigation/homeactv.gif"
 			 imgForums.ImageUrl = "/sladesfaculty/Images/Navigation/foruminac.gif"
 			 imgGallery.ImageUrl = "/sladesfaculty/Images/Navigation/galryinac.gif"
 			 imgLinks.ImageUrl = "/sladesfaculty/Images/Navigation/lnksinac.gif"
 			 imgMission.ImageUrl = "/sladesfaculty/Images/Navigation/msninac.gif"
 			 imgMembers.ImageUrl = "/sladesfaculty/Images/Navigation/mbrsinac.gif"
  
  			Case "/sladesfaculty/Forums.aspx"
 			 imgHome.ImageUrl = "/sladesfaculty/Images/Navigation/homeinac.gif"
 			 imgForums.ImageUrl = "/sladesfaculty/Images/Navigation/forumactv.gif"
 			 imgGallery.ImageUrl = "/sladesfaculty/Images/Navigation/galryinac.gif"
 			 imgLinks.ImageUrl = "/sladesfaculty/Images/Navigation/lnksinac.gif"
 			 imgMission.ImageUrl = "/sladesfaculty/Images/Navigation/msninac.gif"
 			 imgMembers.ImageUrl = "/sladesfaculty/Images/Navigation/mbrsinac.gif"
  
  			Case "/sladesfaculty/Gallery.aspx"
 			 imgHome.ImageUrl = "/sladesfaculty/Images/Navigation/homeinac.gif"
 			 imgForums.ImageUrl = "/sladesfaculty/Images/Navigation/foruminac.gif"
 			 imgGallery.ImageUrl = "/sladesfaculty/Images/Navigation/galryactv.gif"
 			 imgLinks.ImageUrl = "/sladesfaculty/Images/Navigation/lnksinac.gif"
 			 imgMission.ImageUrl = "/sladesfaculty/Images/Navigation/msninac.gif"
 			 imgMembers.ImageUrl = "/sladesfaculty/Images/Navigation/mbrsinac.gif"
  
  			Case "/sladesfaculty/Links.aspx"
 			 imgHome.ImageUrl = "/sladesfaculty/Images/Navigation/homeinac.gif"
 			 imgForums.ImageUrl = "/sladesfaculty/Images/Navigation/foruminac.gif"
 			 imgGallery.ImageUrl = "/sladesfaculty/Images/Navigation/galryinac.gif"
 			 imgLinks.ImageUrl = "/sladesfaculty/Images/Navigation/lnksactv.gif"
 			 imgMission.ImageUrl = "/sladesfaculty/Images/Navigation/msninac.gif"
 			 imgMembers.ImageUrl = "/sladesfaculty/Images/Navigation/mbrsinac.gif"
  
  			Case "/sladesfaculty/Mission.aspx"
 			 imgHome.ImageUrl = "/sladesfaculty/Images/Navigation/homeinac.gif"
 			 imgForums.ImageUrl = "/sladesfaculty/Images/Navigation/foruminac.gif"
 			 imgGallery.ImageUrl = "/sladesfaculty/Images/Navigation/galryinac.gif"
 			 imgLinks.ImageUrl = "/sladesfaculty/Images/Navigation/lnksinac.gif"
 			 imgMission.ImageUrl = "/sladesfaculty/Images/Navigation/msnactv.gif"
 			 imgMembers.ImageUrl = "/sladesfaculty/Images/Navigation/mbrsinac.gif"
  
  			Case "/sladesfaculty/Members.aspx"
 			 imgHome.ImageUrl = "/sladesfaculty/Images/Navigation/homeinac.gif"
 			 imgForums.ImageUrl = "/sladesfaculty/Images/Navigation/foruminac.gif"
 			 imgGallery.ImageUrl = "/sladesfaculty/Images/Navigation/galryinac.gif"
 			 imgLinks.ImageUrl = "/sladesfaculty/Images/Navigation/lnksinac.gif"
 			 imgMission.ImageUrl = "/sladesfaculty/Images/Navigation/msninac.gif"
 			 imgMembers.ImageUrl = "/sladesfaculty/Images/Navigation/mbrsactv.gif"
  		End Select
  
  
  
  	End Sub
  
 	Private Sub imgHome_Click(ByVal sender As System.Object, ByVal e As System.Web.UI.ImageClickEventArgs) Handles imgHome.Click
  		Response.Redirect("Default.aspx")
  	End Sub
  
 	Private Sub imgForums_Click(ByVal sender As System.Object, ByVal e As System.Web.UI.ImageClickEventArgs) Handles imgForums.Click
  		Response.Redirect("Forums.aspx")
  	End Sub
  
 	Private Sub imgGallery_Click(ByVal sender As System.Object, ByVal e As System.Web.UI.ImageClickEventArgs) Handles imgGallery.Click
  		Response.Redirect("Gallery.aspx")
  	End Sub
  
 	Private Sub imgLinks_Click(ByVal sender As System.Object, ByVal e As System.Web.UI.ImageClickEventArgs) Handles imgLinks.Click
  		Response.Redirect("Links.aspx")
  	End Sub
  
 	Private Sub imgMission_Click(ByVal sender As System.Object, ByVal e As System.Web.UI.ImageClickEventArgs) Handles imgMission.Click
  		Response.Redirect("Mission.aspx")
  	End Sub
  
 	Private Sub imgMembers_Click(ByVal sender As System.Object, ByVal e As System.Web.UI.ImageClickEventArgs) Handles imgMembers.Click
  		Response.Redirect("Members.aspx")
  	End Sub
  
 	Private Sub imgFacLogin_Click(ByVal sender As System.Object, ByVal e As System.Web.UI.ImageClickEventArgs) Handles imgFacLogin.Click
  		Response.Redirect("FacLogin.aspx")
  	End Sub
  End Class

I had trouble with this because since it is a control, you can't just pull the authentication values out ie,

If User.Identity.IsAuthenticated Then
   			'display Credential information
  		    lblTest.Text = "Current User:<b>&nbsp;" & User.Identity.Name

That wont work because you have to pull the authentication values from the cookies on the page, so I had to put:

If Page.User.Identity.IsAuthenticated Then
   			'display Credential information
 		 lblTest.Text = "Current User:<b>&nbsp;" & Page.User.Identity.Name

By the way, the code for the login is awesome because if the password is incorrect after three tries, the user is redirected to a page called "Denied.aspx" with the following code:

If CInt(ViewState("Tries")) > 1 Then
 				Response.Redirect("Denied.aspx")
    			Else
    			    ' Otherwise, increment number of tries.
    			    ViewState("Tries") = CInt(ViewState("Tries")) + 1
    			End If

Also, remember when you are working with forms authentication to always include the following at the top of each page:

Imports System.Web.Security

I'm not sure an amaeture like me should be giving out tips but what the hey. Remember when editing the web.config it is EXTREMELY sensitive, one wrong capital somewhere, one incorrect character and the whole code is stuffed. I highly recommend not just copying and pasting it off the web (personal experiece:o). If you want to see the asp code for the logon page, it's as attached, for some reason it wouldn't let me post it as code *shrugs*. If you would like to know any more, just post back!

Slade (I'm getting better at this I think)

I am so glad I posted all of this, my hard drive crashed this morning.

ooooh yes. I think I might post an article on forms authorization, it took me a while to get it to do what I want to do.

Look forward to seeing that article.

You will see it as soon as I get my computer up and running again lol

lol, sorry about all the comments in there too, I was debugging and forgot to remove them before posting. I might wait until I'm fully finished the internal GUI before I post the code. ahhh what the hey, here's the header:

Imports System.Web.Security
  Imports sladesfaculty.header
  Public Class header
  	Inherits System.Web.UI.UserControl
  
  
  #Region " Web Form Designer Generated Code "
  
  	'This call is required by the Web Form Designer.
  	<System.Diagnostics.DebuggerStepThrough()> Private Sub InitializeComponent()
  
  	End Sub
  	Protected WithEvents imgHome As System.Web.UI.WebControls.ImageButton
  	Protected WithEvents imgForums As System.Web.UI.WebControls.ImageButton
  	Protected WithEvents imgGallery As System.Web.UI.WebControls.ImageButton
  	Protected WithEvents imgLinks As System.Web.UI.WebControls.ImageButton
  	Protected WithEvents imgMission As System.Web.UI.WebControls.ImageButton
  	Protected WithEvents imgMembers As System.Web.UI.WebControls.ImageButton
  	Protected WithEvents imgFacLogin As System.Web.UI.WebControls.ImageButton
  	Protected WithEvents lblTest As System.Web.UI.WebControls.Label
  
  	'NOTE: The following placeholder declaration is required by the Web Form Designer.
  	'Do not delete or move it.
  	Private designerPlaceholderDeclaration As System.Object
  
  	Private Sub Page_Init(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Init
  		'CODEGEN: This method call is required by the Web Form Designer
  		'Do not modify it using the code editor.
  		InitializeComponent()
  	End Sub
  
  #End Region
  
  	Private Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
  		'verify authentication
  		'Put user code to initialize the page here
  		'verify authentication
  		If Page.User.Identity.IsAuthenticated Then
  			'display Credential information
 		 lblTest.Text = "Current User:<b>&nbsp;" & Page.User.Identity.Name
  			   
  		End If
  
  		Dim currentpage As String
  		currentpage = Request.RawUrl
  		Select Case currentpage
  			Case "/sladesfaculty/default.aspx"
 			 imgHome.ImageUrl = "/sladesfaculty/Images/Navigation/homeactv.gif"
 			 imgForums.ImageUrl = "/sladesfaculty/Images/Navigation/foruminac.gif"
 			 imgGallery.ImageUrl = "/sladesfaculty/Images/Navigation/galryinac.gif"
 			 imgLinks.ImageUrl = "/sladesfaculty/Images/Navigation/lnksinac.gif"
 			 imgMission.ImageUrl = "/sladesfaculty/Images/Navigation/msninac.gif"
 			 imgMembers.ImageUrl = "/sladesfaculty/Images/Navigation/mbrsinac.gif"
  
  			Case "/sladesfaculty/Default.aspx"
 			 imgHome.ImageUrl = "/sladesfaculty/Images/Navigation/homeactv.gif"
 			 imgForums.ImageUrl = "/sladesfaculty/Images/Navigation/foruminac.gif"
 			 imgGallery.ImageUrl = "/sladesfaculty/Images/Navigation/galryinac.gif"
 			 imgLinks.ImageUrl = "/sladesfaculty/Images/Navigation/lnksinac.gif"
 			 imgMission.ImageUrl = "/sladesfaculty/Images/Navigation/msninac.gif"
 			 imgMembers.ImageUrl = "/sladesfaculty/Images/Navigation/mbrsinac.gif"
  
  			Case "/sladesfaculty/Forums.aspx"
 			 imgHome.ImageUrl = "/sladesfaculty/Images/Navigation/homeinac.gif"
 			 imgForums.ImageUrl = "/sladesfaculty/Images/Navigation/forumactv.gif"
 			 imgGallery.ImageUrl = "/sladesfaculty/Images/Navigation/galryinac.gif"
 			 imgLinks.ImageUrl = "/sladesfaculty/Images/Navigation/lnksinac.gif"
 			 imgMission.ImageUrl = "/sladesfaculty/Images/Navigation/msninac.gif"
 			 imgMembers.ImageUrl = "/sladesfaculty/Images/Navigation/mbrsinac.gif"
  
  			Case "/sladesfaculty/Gallery.aspx"
 			 imgHome.ImageUrl = "/sladesfaculty/Images/Navigation/homeinac.gif"
 			 imgForums.ImageUrl = "/sladesfaculty/Images/Navigation/foruminac.gif"
 			 imgGallery.ImageUrl = "/sladesfaculty/Images/Navigation/galryactv.gif"
 			 imgLinks.ImageUrl = "/sladesfaculty/Images/Navigation/lnksinac.gif"
 			 imgMission.ImageUrl = "/sladesfaculty/Images/Navigation/msninac.gif"
 			 imgMembers.ImageUrl = "/sladesfaculty/Images/Navigation/mbrsinac.gif"
  
  			Case "/sladesfaculty/Links.aspx"
 			 imgHome.ImageUrl = "/sladesfaculty/Images/Navigation/homeinac.gif"
 			 imgForums.ImageUrl = "/sladesfaculty/Images/Navigation/foruminac.gif"
 			 imgGallery.ImageUrl = "/sladesfaculty/Images/Navigation/galryinac.gif"
 			 imgLinks.ImageUrl = "/sladesfaculty/Images/Navigation/lnksactv.gif"
 			 imgMission.ImageUrl = "/sladesfaculty/Images/Navigation/msninac.gif"
 			 imgMembers.ImageUrl = "/sladesfaculty/Images/Navigation/mbrsinac.gif"
  
  			Case "/sladesfaculty/Mission.aspx"
 			 imgHome.ImageUrl = "/sladesfaculty/Images/Navigation/homeinac.gif"
 			 imgForums.ImageUrl = "/sladesfaculty/Images/Navigation/foruminac.gif"
 			 imgGallery.ImageUrl = "/sladesfaculty/Images/Navigation/galryinac.gif"
 			 imgLinks.ImageUrl = "/sladesfaculty/Images/Navigation/lnksinac.gif"
 			 imgMission.ImageUrl = "/sladesfaculty/Images/Navigation/msnactv.gif"
 			 imgMembers.ImageUrl = "/sladesfaculty/Images/Navigation/mbrsinac.gif"
  
  			Case "/sladesfaculty/Members.aspx"
 			 imgHome.ImageUrl = "/sladesfaculty/Images/Navigation/homeinac.gif"
 			 imgForums.ImageUrl = "/sladesfaculty/Images/Navigation/foruminac.gif"
 			 imgGallery.ImageUrl = "/sladesfaculty/Images/Navigation/galryinac.gif"
 			 imgLinks.ImageUrl = "/sladesfaculty/Images/Navigation/lnksinac.gif"
 			 imgMission.ImageUrl = "/sladesfaculty/Images/Navigation/msninac.gif"
 			 imgMembers.ImageUrl = "/sladesfaculty/Images/Navigation/mbrsactv.gif"
  		End Select
  
  
  
  	End Sub
  
 	Private Sub imgHome_Click(ByVal sender As System.Object, ByVal e As System.Web.UI.ImageClickEventArgs) Handles imgHome.Click
  		Response.Redirect("Default.aspx")
  	End Sub
  
 	Private Sub imgForums_Click(ByVal sender As System.Object, ByVal e As System.Web.UI.ImageClickEventArgs) Handles imgForums.Click
  		Response.Redirect("Forums.aspx")
  	End Sub
  
 	Private Sub imgGallery_Click(ByVal sender As System.Object, ByVal e As System.Web.UI.ImageClickEventArgs) Handles imgGallery.Click
  		Response.Redirect("Gallery.aspx")
  	End Sub
  
 	Private Sub imgLinks_Click(ByVal sender As System.Object, ByVal e As System.Web.UI.ImageClickEventArgs) Handles imgLinks.Click
  		Response.Redirect("Links.aspx")
  	End Sub
  
 	Private Sub imgMission_Click(ByVal sender As System.Object, ByVal e As System.Web.UI.ImageClickEventArgs) Handles imgMission.Click
  		Response.Redirect("Mission.aspx")
  	End Sub
  
 	Private Sub imgMembers_Click(ByVal sender As System.Object, ByVal e As System.Web.UI.ImageClickEventArgs) Handles imgMembers.Click
  		Response.Redirect("Members.aspx")
  	End Sub
  
 	Private Sub imgFacLogin_Click(ByVal sender As System.Object, ByVal e As System.Web.UI.ImageClickEventArgs) Handles imgFacLogin.Click
  		Response.Redirect("FacLogin.aspx")
  	End Sub
  End Class

I had trouble with this because since it is a control, you can't just pull the authentication values out ie,

If User.Identity.IsAuthenticated Then
   			'display Credential information
  		    lblTest.Text = "Current User:<b>&nbsp;" & User.Identity.Name

That wont work because you have to pull the authentication values from the cookies on the page, so I had to put:

If Page.User.Identity.IsAuthenticated Then
   			'display Credential information
 		 lblTest.Text = "Current User:<b>&nbsp;" & Page.User.Identity.Name

By the way, the code for the login is awesome because if the password is incorrect after three tries, the user is redirected to a page called "Denied.aspx" with the following code:

If CInt(ViewState("Tries")) > 1 Then
 				Response.Redirect("Denied.aspx")
    			Else
    			    ' Otherwise, increment number of tries.
    			    ViewState("Tries") = CInt(ViewState("Tries")) + 1
    			End If

Also, remember when you are working with forms authentication to always include the following at the top of each page:

Imports System.Web.Security

I'm not sure an amaeture like me should be giving out tips but what the hey. Remember when editing the web.config it is EXTREMELY sensitive, one wrong capital somewhere, one incorrect character and the whole code is stuffed. I highly recommend not just copying and pasting it off the web (personal experiece:o). If you want to see the asp code for the logon page, it's as attached, for some reason it wouldn't let me post it as code *shrugs*. If you would like to know any more, just post back!

Slade (I'm getting better at this I think)

The codes look great, I'm looking beyond the authentication stage, once user login, how to retrieve this particular user's data from the database (SQL Server)? I want to retrieve the user's data from database based on the user's login, eg. User.Identity.Name, then display the data inside the textboxes. Any idea how to get data and display in the textbox? Thanks