Login Check in Asp.net

Question

0.00/5 (No votes)

See more:

Hello Everyone.
i am new in asp.net, i create a website in asp.net using C#, in my site there is login page. when user login then it reached on home page, but if user edit my address in address bar then user not need to login. i want that user cannot seen home page without login, however it make change in address bar.
For example
this is path of login page
http://localhost:54515/mastergridview%20-%20Copy/Login.aspx[^]

but user can access data writing Home in address bar

Posted 24-Jul-13 1:25am

MuhammadSaqib Saqib

Add a Solution

Comments

bbirajdar 24-Jul-13 7:39am

On login create a session variable and check this session variable on very page load.

MuhammadSaqib Saqib 24-Jul-13 7:40am

how can i create a session variable?

bbirajdar 24-Jul-13 8:30am

Your knowledge is too far away from writing a website on your own. You need to study the basics of asp.net first ...

3 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Chui PuiKwan · Answer 1 · 2013-07-24T02:08:00

Solution 3

login.aspx:

if(username=="name"&&password=="pwd")
{
Session["username"]="name";
}

home.aspx:

onpageload event:

if（Session["username"]!=null）
{
bt1.text = Session["username"].tostring()+"already logon";
}
else
{
response.redirct("login.aspx");
}

Posted 24-Jul-13 2:08am

Chui PuiKwan

Updated 24-Jul-13 2:09am

v2

pjaar89 · Answer 2 · 2013-07-24T01:40:00

Solution 1

So just play with authentication and authorization in your web.config file:

XML

<authentication mode="Forms">
  <forms name="TestAuthCookie" loginUrl="login.aspx" timeout="30" defaultUrl="start.aspx">
    <credentials passwordFormat="MD5">
      <user name="admin" password="21232f297a57a5a743894a0e4a801fc3"/>
      <user name="invite" password="f8f9a65ed8c3611b4ae9198b7c8a3702"/>
    </credentials>
  </forms>
</authentication>
<authorization>
  <deny users="?"/>
</authorization>

Posted 24-Jul-13 1:40am

pjaar89

Comments

MuhammadSaqib Saqib 24-Jul-13 7:44am

After this editing in my web.config file i cannot be able to access my any page in browser after login

MuhammadSaqib Saqib 24-Jul-13 7:50am

i have also a SQL server and pages is connected with sql server, is database there is all information of user, like user name and pass

Kornfeld Eliyahu Peter · Answer 3 · 2013-07-24T02:06:00

As I understood you want the login page to be accessible to everyone, and only after successful login be able to go to other pages...
For this you have to separate your site to folders

[root]
login.aspx
web.config
\site
home.aspx
web.config

In the outer web.config write this...

XML

<configuration>
	<system.web>
		<authorization>
			<allow users="*" />
		</authorization>
	</system.web>
</configuration>

In the inner web.config write this...

XML

<configuration>
	<system.web>
		<authorization>
			<deny users="?" />
		</authorization>
	</system.web>
</configuration>

The first says that anyone allowed to see pages in this folder, and the second says deny access to all not authorized person.

[If you permit a should add that in my opinion this way of login is a bit old-style. I was suggest you to use an other schema. The person visiting your site always seeing a home page with reduced content. Somewhere on this home page you have a corner that enables login. After the login the home page displays content more specific to the person just logged in...]