ASP.Net has a builtin method for the user authenticaiton. So you no more need the cookies variable and No more we need to track the login state ( Which is required when a user enters a url for the page he is not authorised to view), to provide the pages to the user request.In ASP.Net, you can configure the Web.config file existing the root directory of the application, you can see it in the solution explorer. There you can see a tag authentication like this
< authentication mode="Windows" />
Edit this tag to
< authentication mode="Forms">
< forms name="LoginCookie" loginUrl="Login.aspx">
< credentials passwordFormat="Clear">
< user name="Chatanya" password="Agrawal" />
< user name="manoj" password="rajan" />
< /credentials>
< /forms>
< /authentication>
Where LoginCookie is the name of the cookie automatically created by the authentication module.
This will restrict the user to access any page only after authentication, however you do not need authentication for accessing the login page, so you put the code specified below after the system.web tag
In the example above the password is kept in clear text, you can consider encrypting the username and password if needed.
< location path="LoginFail.aspx">
< system.web>
< authorization>
< allow users="*" />
< /authorization>
< /system.web>
< /location>
Now in the login form instead of checking the username , password seperately, use the form's authenticate method.
|
No responses found. Be the first to respond and make money from revenue sharing program.
|