how to create secure login in asp.net

Question

0.00/5 (No votes)

See more:

- it should be first page of the site and no other page can access without login or at least ask for login.
- suggest with code if you have any samples, I really need it.
- it must work with sql server

Posted 25-Mar-11 2:52am

Yusuf N M

Updated 26-Mar-11 2:36am

Dalek Dave

v2

Add a Solution

Comments

Dalek Dave 26-Mar-11 8:36am

Edited for Grammar and Syntax.

3 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Mahendra.p25 · Answer 1 · 2011-03-25T02:55:00

XML

<authentication mode="Forms">
            <forms defaultUrl="Secured/Default.aspx" loginUrl="Login.aspx">
      </forms>
        </authentication>

XML

<system.web>
            <authorization>
                <deny users="?"/>
            </authorization>
        </system.web>

in the code behind

C#

protected void btn_Submit_Click(object sender, EventArgs e)
        {
            if (TextBox1.Text == "UserName")
            {
                if (TextBox2.Text == "Password")
                {
                   // Response.Redirect("~/Secured/Secured2.aspx");
                    FormsAuthentication.RedirectFromLoginPage(TextBox1.Text, false);
                }
                else
                {
                    Label1.Text = "Enter Correct Password";
                }
            }
            else
            {
                Label1.Text = "Enter Correct User Name";
            }
        }

SQL

Use Forms Authentication for that
try this link
Link [^]

fjdiewornncalwe · Answer 2 · 2011-03-25T02:58:00

Solution 2

I think you need to read up a bit on authentication and how it works in an IIS environment. What you are asking for should not be handled only in code and SQL Server. You should incorporate built in IIS authentication processes to achieve your goal.
Check out some of these links.

Posted 25-Mar-11 2:58am

fjdiewornncalwe

Comments

Dalek Dave 26-Mar-11 8:37am

Good Links.

Brijesh Kr · Answer 3 · 2011-03-26T01:46:00

Use Forms Authentication.
Use some thing like this at web.config

XML

<location path="secure">
    <system.web>
      <authorization>
        <deny users="?"/>
        <deny users="jhon"/>
      </authorization>
    </system.web>
  </location>

secure is a folder which contains your secure webforms.

XML

<authentication mode="Forms">
      <forms loginUrl="Default.aspx"
           protection="All"
           timeout="30"
           name=".ASPXAUTH"
           path="/"
           requireSSL="false"
           slidingExpiration="true"
           defaultUrl="default.aspx"
           cookieless="UseDeviceProfile"
           enableCrossAppRedirects="false" >
        <credentials passwordFormat="Clear">
          <user name="kim" password="kim@123"/>
          <user name="jhon" password="jhonn"/>
        </credentials>
      </forms>
    </authentication>

Now at server side code

Default.aspx is your login form, Drag Two TextBoxes and a Button
at click event of button write following code. Default2.aspx is destination page. Secure is a folder which can have webforms which you wants to make secure

if (FormsAuthentication.Authenticate(TextBox1.Text, TextBox2.Text))
        {
            FormsAuthentication.SetAuthCookie(
                 this.TextBox1.Text.Trim(), false);

            FormsAuthenticationTicket ticket1 =
               new FormsAuthenticationTicket(
                    1,                                   // version
                    this.TextBox1.Text.Trim(),   // get username  from the form
                    DateTime.Now,                        // issue time is now
                    DateTime.Now.AddMinutes(10),         // expires in 10 minutes
                    false,      // cookie is not persistent
                    "HR"                              // role assignment is stored
                // in userData
                    );
            HttpCookie cookie1 = new HttpCookie(
              FormsAuthentication.FormsCookieName,
              FormsAuthentication.Encrypt(ticket1));
            Response.Cookies.Add(cookie1);

            // 4. Do the redirect. 
            String returnUrl1;
            // the login is successful
            if (Request.QueryString["ReturnUrl"] == null)
            {
                returnUrl1 = "Default2.aspx";
            }

            //login not unsuccessful 
            else
            {
                returnUrl1 = Request.QueryString["ReturnUrl"];
            }
            Response.Redirect(returnUrl1);

        }

This is one of the best option to secure a webform

how to create secure login in asp.net

3 solutions

Solution 1

Solution 2

Solution 3

Add your solution here

Preview 0