Some times we require that there should be different time outs for each user. In case when you give choice to user of your web that he can define his time out himself. In this case each user will set his own time and you have to make your web site of such type that it will maintain session for each user according to time he specifed.
What will we do:
Here I will explain you how to achieve this goal using ASP.Net's form authentication.
Some asp.net user has problem that when they use authentication tickets, session time out shows inconsistent attitude. Here I will explain how to maintian different time out for different users.
What is form authentication?
In ASP there was no mechanisam for logging user, you just have to put some values in session
that could be user id, and then check this value on each page user is trying to access.
But in .net form authentication provide to a mechanism for logging user.
When to login you set cookie that is encrypted you need to put user id in that cookie, that
is very easy, and after that asp.net will do all the task for you need not to check for
authentication each page.
What you have to do is specify a login page in web.config, there are few other settings also
i will tell you in detail. dont worry abou that that are very easy and can be done in few
Lets Start Work:
Create 3 page
1. Create asp.net project (example contains C# code)
2. Creat login page, login.aspx. (form authentication automatically redirect to this page if request is unautorized)
3. Create default page, default.aspx (every site has a defaul page, form autentication automatically redirect to this page after successful login).
4.create details page, details.aspx (optional page, that shows your product etc)
some page will be created automatically for example
You have completed all the structure of your website well done!!! lets start conding now!
First of all do some change in web.config file...
Go to the section authentication of web.config
i. set authentication code to forms
ii. provide login url, that is your login page where user will be redirected in case he is not loged on and trying to access some page.
iii.provide passwordformat for now just put it clear dont confused here this is just to set
your password will be clear format or encrypted that is an other topic.
iv. provide user names if you have some static users, you can also load list form database
will tell you letter how to do that.
<authentication mode="Forms" >
<forms name=".ASPXSessionDemoTest" loginUrl="login.aspx" protection="All" >
<credentials passwordFormat = "Clear">
<user name="admin" password="admin"/>
</authentication>Go to the section autorization of the web config.
i.deny user set ? mark.
so that it ask for password to each user.
<deny users="?" /> <!---->
We have alomost done with web.config file.
when user enter user name
and password and click login button write following code (find form source)
string email = this.TextBox1.Text ;
string password = this.TextBox2.Text ;
bool isPersistent = false;
metiontioed it. this will return an intger value, for example 30, 60 this is time out in
his roles. i am hard coding here.
string userData = setrole(username);
FormsAuthenticationTicket ticket = new
string encTicket = FormsAuthentication.Encrypt(ticket);
on logout button press write following code