Form Authentication
1. In Web.Config
<authentication mode="Forms">
<forms loginUrl="Login.aspx" protection="All" timeout="30" name=".MyCookieOfFromAuth"
path="/" requireSSL="false" slidingExpiration="true" defaultUrl="default.aspx"
cookieless="UseDeviceProfile"
enableCrossAppRedirects="false">
</forms>
</authentication>
--------------------------------------------------------------------------
2. In Global.asax file
<%@ Import Namespace="System.Security.Principal" %>
protected void Application_AuthenticateRequest(object sender, EventArgs e)
{
if (HttpContext.Current.User != null)
{
FormsIdentity fi;
fi = (FormsIdentity)(User.Identity);
FormsAuthenticationTicket tkt;
tkt = fi.Ticket;
string ud;
ud = tkt.UserData;
string[] ar = ud.Split('|');
HttpContext.Current.User = new GenericPrincipal(fi, ar);
}
}
----------------------------------------------------------------------------
3. On Login Page
protected void btnlogin_Click(object sender, EventArgs e)
{
DataTable dt = new DataTable();
Hashtable ht = new Hashtable();
ht.Add("@UserName", txtusername.Text);
ht.Add("@Password", txtpwd.Text);
dt = NSBuilder.DataAccess.GetDataSet("Usp_Login", ht).Tables[0];
if (dt.Rows.Count > 0)
{
string username = dt.Rows[0]["UserName"].ToString();
string userrole = dt.Rows[0]["Role"].ToString();
GenerateTicket(username, userrole);
if(User.IsInRole("Administrator"))
{
Response.Redirect("Admin/Administrator.aspx");
}
if (User.IsInRole("Member"))
{
Response.Redirect("Members/Member.aspx");
}
if (User.IsInRole("Guest"))
{
Response.Redirect("Guests/Guest.aspx");
}
//if (userrole == "Administrator")
//{
// Response.Redirect("Admin/Administrator.aspx");
//}
//if (userrole == "Member")
//{
// Response.Redirect("Members/Member.aspx");
//}
//if (userrole == "Guest")
//{
// Response.Redirect("Guests/Guest.aspx");
//}
}
//if(HttpContext.Current.User.IsInRole("Administrator"))
//{
// Response.Redirect("Administrator.aspx");
//}
//if (HttpContext.Current.User.IsInRole("Member"))
//{
// Response.Redirect("Member.aspx");
//}
//if (HttpContext.Current.User.IsInRole("Guest"))
//{
// Response.Redirect("Guest.aspx");
//}
}
protected void GenerateTicket(string uname,string urole)
{
FormsAuthenticationTicket k = new FormsAuthenticationTicket(1, txtusername.Text, DateTime.Now, DateTime.Now.AddMinutes(30), false, urole, FormsAuthentication.FormsCookiePath);
string st;
st = FormsAuthentication.Encrypt(k);
HttpCookie ck = new HttpCookie(FormsAuthentication.FormsCookieName, st);
Response.Cookies.Add(ck);
}
---------------------------------------------------------------------
0 comments:
Post a Comment