Resources » Code Snippets » ASP.NET WebForms

Create user in web.config file and authenticate and authorise them


Posted Date: 25-Jul-2010  Last Updated:   Category: ASP.NET WebForms    
Author: Member Level: Gold    Points: 10


How to create user in web.config file and authenticate and authorise them





How to create user in web.config file and authenticate and authorise them



Web.config file,is a configuration file used in Asp .net web application. An Asp .net application has at least one web.config file which keeps the configurations required for the application. Web.config file is a XML file with specific tags having specific meanings.


What is stored in Web.config file


There are number of settings that can be stored in the Web.config file. Following are the most used configurations, stored in Web.config file..
1.Database connections
2.Security
3.Session States
4.Error Handling

The most important thing of any application is the security.In this post I will tell about how we can use web.config for security in asp.net application

I am showing a simple application of how to create user in web.config file and authenticate and authorise them.

How to Create user in web.config file

Find the following line in your web.config file




<authentication mode="Windows" />



Modify it as below




<authentication mode="Forms">
<forms>
<credentials passwordFormat="Clear">
<user name="admin" password="admin"/>
<user name="admin1" password="admin1"/>
<user name="admin2" password="admin2"/>
</credentials>
</forms>
</authentication>




Now drag and drop two TextBox and a Button control in your desing page (login.aspx)
Or
Copy paste following code in your .aspx page




UserName<asp:TextBox ID="TextBox1" runat="server"></asp:TextBox><br />
Password<asp:TextBox ID="TextBox2" runat="server"></asp:TextBox><br />
<br />

<asp:Button ID="Button1" runat="server" OnClick="Button1_Click" Text="Login" />





Now double click on your button and write following code in it's button click event




if(FormsAuthentication.Authenticate(TextBox1.Text,TextBox2.Text))
FormsAuthentication.RedirectFromLoginPage(TextBox1.Text,false);
else
Response.Write("Wrong user");




That's it with creating and authenticating user in Web.config file

Now I am showing how to authorize user using web.config file

First add four web pages in your application named default.aspx, default2.aspx, default3.aspx and default4.aspx

On default2.aspx write a message for user admin (welcome admin)
On default3.aspx write a message for user admin1 (welcome admin1)
On default4.aspx write a message for user admin2 (welcome admin2)


Find the following tag (closing of system.web tag) your web.config file



</system.web>





Now write the following code in below </system.web> tag



<location path ="default2.aspx">
<system.web>
<authorization>
<allow users="admin"/>
<deny users="*"/>
</authorization>
</system.web>
</location>
<location path ="default3.aspx">
<system.web>
<authorization>
<allow users="admin1"/>
<deny users="*"/>
</authorization>
</system.web>
</location>
<location path="default4.aspx">
<system.web>
<authorization>
<allow users="admin2"/>
<deny users ="*"/>
</authorization>
</system.web>
</location>



Now come to your page named default.aspx

Write the followin code in .aspx page



<asp:Label ID="Label1" runat="server" Text="Label"></asp:Label><br />
<br />

<asp:HyperLink ID="HyperLink1" runat="server" NavigateUrl="~/Default2.aspx">Default2</asp:HyperLink>
<asp:HyperLink ID="HyperLink2" runat="server" NavigateUrl="~/Default3.aspx">Default3</asp:HyperLink>
<asp:HyperLink ID="HyperLink3" runat="server" NavigateUrl="~/Default4.aspx">Default4</asp:HyperLink>





Write following code in page_load event of default.aspx page




if (User.Identity.IsAuthenticated)
Label1.Text = "Welcome:" + User.Identity.Name;
else
FormsAuthentication.RedirectToLoginPage();




Set the login.aspx page to start page and run the application

(open solution explorer,right click on login.aspx page and click option set as start page)
Now run the application

Login with username admin and password admin
You will be redirected to default.aspx page
Click on link default2. you will be redirected and will see a message
Now go back to default.aspx page by clicking back button on your browser
Now click on default3 link. You will be redirected to login page mean you don not have permission to go on defult3.aspx page.



Reference: http://howinaspnet.blogspot.com/


Did you like this resource? Share it with your friends and show your love!

Responses to "Create user in web.config file and authenticate and authorise them"

No responses found. Be the first to respond...

Feedbacks      

Post Comment:




  • Do not include your name, "with regards" etc in the comment. Write detailed comment, relevant to the topic.
  • No HTML formatting and links to other web sites are allowed.
  • This is a strictly moderated site. Absolutely no spam allowed.
  • Name:   Sign In to fill automatically.
    Email: (Will not be published, but required to validate comment)



    Type the numbers and letters shown on the left.


    Submit Article     Return to Article Index

    Subscribe to Subscribers
    Active Members
    TodayLast 7 Daysmore...

    Awards & Gifts
    Talk to Webmaster Tony John
    Copyright © SpiderWorks Technologies Pvt Ltd., Kochi, India