|
-
Apr 17th, 2005, 04:47 PM
#1
Thread Starter
Frenzied Member
FromsAuthentication.RedirectFromLoginPage - problem [*Resolved*]
Hello
I am using forms authentication which worked fine using this code below. In the project l have customerlist set as the startup page, and a login page. If there are no cookies on the users computer it will rediret to the customerlist page, else the login page will display and ask the user to login. All this works fine.
Code:
//When the user clicks the login button - execute this code
if ( FromsAuthentication.Authenticate( txtUsername.Text, txtPassword.Text) )
{
FromsAuthentication.RedirectFromLoginPage(txtUsername.Text, chkRemember.Checked)
}
In the web.config file l had the usernames and passwords.
<authentication mode="Forms">
<forms name="AuthTicket" protection="All"
loginUrl="Login.aspx" path="/" timeout="20">
<credentials passwordFormat="Clear">
<user name="John" password="john"/>
<user name="Mary" password="mary"/>
<user name="Glen" password="glenn"/>
</credentials>
</forms>
</authentication>
and....
<location path="CustomerList.aspx">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
I have now changed this to use a database, so i am not using the code in the web.config file. This is because there will be a lot of people accessing. So l am using a sql query to see if the username and password is in the database. My problem is how can l check for cookies and then redirect to the customerlist page. When l am not using the web.config file.
Code:
//This is the code l am using
//Check to see if there are any cookies on the users computer - Don't know how to do this
try
{
SqlConnection cnn = new SqlConnection("server = steves-pc; initial catalog = Condo; integrated security = true");
cnn.Open();
SqlCommand cmd = cnn.CreateCommand();
cmd.CommandType = CommandType.Text;
cmd.CommandText = "SELECT * FROM [User] " +
"WHERE username = '" + username + "' AND UserPassword = '" + userPassword + "' ";
SqlDataReader dr = cmd.ExecuteReader(CommandBehavior.SingleRow);
if ( dr.Read() )
{
if ( dr["Username"].ToString() == username && dr["UserPassword"].ToString() == userPassword )
{
FromsAuthentication.SetAuthCookie(Username, ture)
//Redirect to the customerlist page - Don't know how to do this
}
else
{
//Deny access
}
}
else
{
//Deny access;
}
}
Thanks in advance,
Steve
Last edited by steve_rm; Apr 19th, 2005 at 05:36 PM.
Reason: Resolved
steve
-
Apr 18th, 2005, 03:52 AM
#2
Frenzied Member
Re: FromsAuthentication.RedirectFromLoginPage - problem
You still need to use the web.config file as follows:
Code:
<authentication mode="Forms">
<forms name="AuthTicket" protection="All"
loginUrl="Login.aspx" path="/" timeout="20">
</forms>
</authentication>
and....
<location path="CustomerList.aspx">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
Instead of using FromsAuthentication.SetAuthCookie use FormsAuthentication.RedirectFromLoginPage (it has the same arguments). This method will create the authentication ticket and sort out all the page redirection for you.
Does that cover everything?
DJ
If I have been helpful please rate my post. If I haven't tell me!
-
Apr 18th, 2005, 03:54 AM
#3
Frenzied Member
Re: FromsAuthentication.RedirectFromLoginPage - problem
Whoops ignore that - I've just read your post again - I'm still half-asleep!
DJ
If I have been helpful please rate my post. If I haven't tell me!
-
Apr 18th, 2005, 03:56 AM
#4
Frenzied Member
Re: FromsAuthentication.RedirectFromLoginPage - problem
To check if a user is logged in use User.Identity.IsAuthenticated which returns a Boolean value.
Thing is if the user is logged in they won't be redirected to the login page in any case (you do still need the code in the web.config in my first post).
DJ
Last edited by dj4uk; Apr 18th, 2005 at 04:00 AM.
If I have been helpful please rate my post. If I haven't tell me!
-
Apr 19th, 2005, 05:34 PM
#5
Thread Starter
Frenzied Member
Re: FromsAuthentication.RedirectFromLoginPage - problem
Hello,
Thanks for your help. This is my code that works.
Code:
private void btnLogin_Click(object sender, System.EventArgs e)
{
bool grantAccess = false;
try
{
Condo.CondoServices loginAccess = new Condo.CondoServices();
grantAccess = loginAccess.login(txtUsername.Text,txtPassword.Text);
//Once the user has been granted set cookie and redirect to mainMenu page
if ( grantAccess == true )
{
FormsAuthentication.RedirectFromLoginPage(txtUsername.Text,chkRememberCredentials.Checked);
}
else if ( grantAccess == false ) //Deny access to this user
{
lblMessage.Text = "Access denied - username or password incorrect";
}
}
catch ( SqlException ex )
{
Response.Write(ex.Message);
}
catch ( Exception ex )
{
Response.Write(ex.Message);
}
}
this is the code in the web.config file.
Code:
<authentication mode="Forms">
<forms name="AuthTicket" protection="All"
loginUrl="Login.aspx" path="/" timeout="20">
</forms>
</authentication>
<location path="mainMenu.aspx">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
Thanks
Steve
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|
Reply With Quote