DZone Snippets is a public source code repository. Easily build up your personal collection of code snippets, categorize them with tags / keywords, and share them with the world

Mike has posted 9 posts at DZone. View Full User Profile

Web Config And Code For Forms Authentication In .net

01.16.2008
| 3585 views |
  • submit to reddit
        Here's the forms authentication code that I always seem to forget.  

Blatantly stolen from http://www.4guysfromrolla.com/webtech/110701-1.2.shtml and http://support.microsoft.com/kb/316871

Sub Submit_OnClick(sender as Object, e as EventArgs)
  If MyCustomMethod (txtUserName.Text, txtPassword.Text) Then    
      FormsAuthentication.RedirectFromLoginPage (txtUserName.Text, False)
  Else
      ' Invalid credentials supplied, display message
      lblMessage.Text = "Invalid login credentials"
  End If
End Sub

<configuration>
	<system.web>
		<authentication mode="Forms" >
			<forms loginUrl="login.aspx" name=".ASPNETAUTH" protection="None" path="/" timeout="20" >
			</forms>
		</authentication>
<!-- This section denies access to all files in this application except for those that you have not explicitly specified by using another setting. -->
		<authorization>
			<deny users="?" /> 
		</authorization>
	</system.web>
<!-- This section gives the unauthenticated user access to the Default1.aspx page only. It is located in the same folder as this configuration file. -->
		<location path="default1.aspx">
		<system.web>
		<authorization>
			<allow users ="*" />
		</authorization>
		</system.web>
		</location>
<!-- This section gives the unauthenticated user access to all of the files that are stored in the Subdir1 folder.  -->
		<location path="subdir1">
		<system.web>
		<authorization>
			<allow users ="*" />
		</authorization>
		</system.web>
		</location>
</configuration>