I want to implement forms based authentication manually in my website.
I am using Web.config
file for data store
<authentication mode="Forms">
<forms loginUrl="~/Login.aspx"
name=".ASPXAUTH"
path="/"
requireSSL="false"
slidingExpiration="true"
defaultUrl="~/Admin/OrderHistory.aspx"
cookieless="UseDeviceProfile"
enableCrossAppRedirects="false"
>
<credentials passwordFormat="Clear">
<user name="Admin" password="adm123$"/>
<user name="Administrator" password="adm234%"/>
</credentials>
</forms>
</authentication>
<authorization>
<deny users ="?" />
<allow users = "*" />
</authorization>
There is a Login.aspx
page at root level in that im using ASP.NET login control to get username and password.
Everything works fine but when the user is logged in
and manually go to login.aspx
page, its not redirect the user to defaultUrl page.
I want to redirect the user to a specific page/defaultUrl page, if he is logged in and came manually to login.aspx page
How to do it?
if (FormsAuthentication.Authenticate(LoginUser.UserName, LoginUser.Password))
{
FormsAuthentication.RedirectFromLoginPage(LoginUser.UserName, true);
}
Logon occurs on the system to which a user is gaining access, whereas authentication is performed by the computer on which the user's account resides. When you use a local account to log on to a computer, that computer performs both the logon and authentication.
Using HTTP Basic Authentication A client requests access to a protected resource. The Web server returns a dialog box that requests the user name and password. The client submits the user name and password to the server. The server validates the credentials and, if successful, returns the requested resource.
Unlike Form-Based Authentication, Basic Authentication DO NOT use cookies, hence there is no concept of a session or logging out a user, which means each request has to carry that header in order to be authenticated. Form-Based Authentication in the other hand is not formalized by any RFC.
Forms authentication enables user and password validation for Web applications that do not require Windows authentication. With forms authentication, user information is stored in an external data source, such as a Membership database, or in the configuration file for an application.
if(HttpContext.Current.User.Identity.IsAuthenticated)
{
//Redirect to Default page
Response.Redirect("default.aspx");
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With