Exforsys.com
 
Home Tutorials ASP.NET 2.0
 

Forms Authentication in ASP.NET 2.0

 

Forms Authentication in ASP.NET 2.0 - Page 2

Page 2 of 2




This is a kind of plug and play offer. Click on convert to Template in the tasklist and see the code generated.


Click here to view sample code


Note that using the numerous properties built into this control it can be customized. See the sample of a custom control below. Note that the entire control has been created using the properties available for the control. By setting the section in the Web.Config a list of valid user names and passwords can be specified. If the login has to be validated against a database the same can be defined.



Click here to view sample code


Developers must note that there are four events with which they can interact while customizing the control. BeforeLogin is raised before the authentication process begins. The syntax can be checked and the login can be stopped if required. AfterLogin is raised after authentication is completed successfully. The developer can pass additional routines. Authenticate can be used to provide customized authentication and LoginError can be used to give error messages whenever login fails or user data is incorrect.


/span>


The Password Recovery Control helps users determine their forgotten passwords. Users will be prompted to enter their login name, answer the question for validation and the existing password will be mailed to them. If the password has been stored with a hash value in the database this becomes necessary. See the screenshot of the control as it appears when it is placed on the page.


The control must be enabled to send emails and the following code must be placed in the machine.config file. If a local SMTP service has been activated the setting can be left untouched.


< stmpMail
serverName=”localHost”
serverPort=”25”>
/ >


The data of the password message to be sent will have to be edited. The ‘from’ property of the MailDefinition will have to be set. Using the other definitions of the mailDefinition class other properties can also be defined. The highlight is the option to create a message based completely upon a template. This is a text file that resides in the root directory of the application. The < %UserName% > and < %Password% > can be used as placeholders.


The control offers three templates that can be built from the scratch or used with customization. UserName is the initial view of the control and it asks for the user name to be typed in. Question is used if the user is required to give an answer. Answer is shown if the password has been detected successfully or has been set back and the email has been sent. A few methods also come in handy while customizing the control. BeforeUserLookup is used before the control tries to look for the user. UserLookupError is returned if the user is not found or cannot be validated. BeforeAnswerLookup is used before the answer is checked. AnswerLookupError is used if the answer is found to be incorrect. BeforeSendEmail is raised before the email is sent to the user.


The LoginStatus and LoginName Controls are useful controls. The latter shows the name of the Logged in user while the former shows the status of the user. The LoginLink of the LoginStatus control automatically refers to the page in which it is placed.


The LoginView Control gives two different views depending on the authentication process. It helps in conditional display of pages for anonymous and authenticated users. In other words it is possible to create role based templates using this control.



This section of the tutorial was devoted to Authentication. However, ASP.NET 2.0 comes with a lot of features that help developers create roles and membership definitions. We shall be dealing with the Membership Management API in the next section of this tutorial.



 




First Page: Forms Authentication in ASP.NET 2.0


Read Next: ASP.NET 2.0 Free Tutorials : Managing Membership and Roles



 

 

Comments


sandip said:

  thax i help it for Login Control . if I don't Want to use Login Control How Can I Authenticate Form Authentication.
October 20, 2008, 2:54 am

utkarsh said:

  hey...
i am having a problem with form authentication
my scenario:
i have a default.aspx, login.aspx, the whole appl is having one web.config
and a folder named employee in which i have a member.aspx.
this folder also contains web.config
i want when the user login is authenticated then he shud be redirected to member.aspx or else if the user clicks members the login page shud appear.

how to go about it?
plz help
July 23, 2009, 4:08 pm

Parag Garg said:

  in web.config file in employee folder write:

< authorization >
< deny users="?" / >
< / authorization >

in main web.config file write:

< authentication mode="Forms" >
< forms loginUrl="login.aspx"
name=".ASPXFORMSAUTH" >
< / forms >
< / authentication >

and in login.aspx.cs file when the login is done or the specified username and password are validated write

Response.Redirect("employee/member.aspx");
August 2, 2009, 10:20 am

Sanjeev Sood said:

  Hello
I have made folder clientslogin where any client when authenticated will be redirected to his respective aspx page & can download his reports.How to go about it? Pl help.

August 3, 2009, 12:30 pm

Post Your Comment:

Members Please Login
Your Name:*
e-mail ID:(required for notification)*
Image Verification: 
 
 Subscribe    

Sponsored Links

 

Subscribe via RSS


Get Daily Updates via Subscribe to Exforsys Free Training via email


Get Latest Free Training Updates delivered directly to your Inbox...

Enter your email address:


 

Subscribe to Exforsys Free Training via RSS
 

 
Partners -  Privacy and Legal Policy -  Site News -  Contact   Sitemap  

Copyright © 2000 - 2009 exforsys.com. All Rights Reserved

Page copy protected against web site content infringement by Copyscape