This is what I sue and it seems to work.
I am not to hot at ASP.NET yet, but it seems straight forward.
In your Web.Config file you need:
<authentication mode="Forms">
<forms
name=".ASPXAUTH"
loginUrl="login.aspx"
protection="All"
slidingExpiration="true"
timeout = "10"
/>
</authentication>
<authorization>
<deny users="?" />
</authorization>
I have a login page, which I am assuming you have to.
The code in my "login" button is:
Private Sub btnLogin_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnLogin.Click
Dim objTicket As FormsAuthenticationTicket
Dim objCookie As HttpCookie
Dim strReturnURL As String
If IsValid Then
If txtUsername.Text = "wokawidget" And txtPassword.Text = "woof" Then
objTicket = New FormsAuthenticationTicket(txtUsername.Text, False, 5)
objCookie = New HttpCookie(".ASPXAUTH")
objCookie.Value = FormsAuthentication.Encrypt(objTicket)
Response.Cookies.Add(objCookie)
strReturnURL = Request.Params("ReturnURL")
If strReturnURL Is Nothing Then
Response.Redirect("Main.aspx")
Else
Response.Redirect(strReturnURL)
End If
Else
lblMessage.Text = "Incorect username/password"
End If
Else
lblMessage.Text = "Incorect username/password"
End If
End Sub
You need to import System.Web.Security for this.
I am currently learning more about this subject, and am just in the process of having users in a DB table.
Both the Login page, and the web config file, have references to ".ASPXAUTH". These MUST be the same name! It could be ".WOOF" for all you care, but so long as they are the same it will work.
Woka