Hello,
I am working on my first Asp.Net 2.0 web site using VS2005.
I know about the login controls on Asp.Net 2.0 but they seem really
strict.
I would prefer to create my own forms and using the new Asp.Net 2.0
classes.
On this web site I need to have authentication for users.
I also need to set an access level for 4 types of users.
And I need to have an option such as "Remember Me".
Can someone tell me how to do this?
I have my Asp.Net 1.1 authentication code but I am having a few problems
in converting it to Asp.Net 2.0.
Thank You Very Much,
Miguel
My Asp.Net 1.1 Authentication Code is:
' Run Validation and Login
If Form_Validation () = True Then
' Forms Authentication Initialization
FormsAuthentica tion.Initialize ()
' Set Connection
Dim connectionStrin g As String =
System.Configur ation.Configura tionSettings.Ap pSettings("conn ectionString")
Dim dbConnection As System.Data.IDb Connection = New
System.Data.Ole Db.OleDbConnect ion(connectionS tring)
' Set Query
Dim queryString As String = "SELECT [t_4web_users].[access_level]
FROM [t_4web_users] WHERE (([t_4web_users].[username] = @page) AND
([t_4web_users].[password] = @password))"
' Set Command
Dim dbCommand As System.Data.IDb Command = New
System.Data.Ole Db.OleDbCommand
dbCommand.Comma ndText = queryString
dbCommand.Conne ction = dbConnection
' Add Parameters
With dbCommand.Param eters
.Add(New OleDbParameter( "@username" , tbusername.Text ))
.Add(New OleDbParameter( "@password" ,
FormsAuthentica tion.HashPasswo rdForStoringInC onfigFile(tbpas sword.Text,
"md5")))
End With
' Execute the Command
dbConnection.Op en()
Dim reader As OleDbDataReader = dbCommand.Execu teReader
If reader.Read Then
Dim ticket As FormsAuthentica tionTicket = New
FormsAuthentica tionTicket(1, tbusername.Text , DateTime.Now,
DateTime.Now.Ad dMinutes(30), True, reader.GetStrin g(0),
FormsAuthentica tion.FormsCooki ePath)
Dim hash As String = FormsAuthentica tion.Encrypt(ti cket)
Dim cookie As HttpCookie = New
HttpCookie(Form sAuthentication .FormsCookieNam e, hash)
If ticket.IsPersis tent Then
cookie.Expires = ticket.Expirati on
End If
Response.Cookie s.Add(cookie)
Dim returnUrl As String = Request.QuerySt ring("ReturnUrl ")
If returnUrl Is Nothing Then
returnUrl = "index4web.aspx "
End If
Login_Error_Mes sage("none")
Response.Redire ct(returnUrl)
Else
Login_Error_Mes sage("loginacce ssdenied")
End If
reader.Close()
dbConnection.Cl ose()
Else
End If 1 1158
Really Strict? You can manage how strict or "laid back" your authentication
process is simply by managing the entries in the web.config file.
Jeff
"Miguel Dias Moura" wrote: Hello,
I am working on my first Asp.Net 2.0 web site using VS2005. I know about the login controls on Asp.Net 2.0 but they seem really strict. I would prefer to create my own forms and using the new Asp.Net 2.0 classes.
On this web site I need to have authentication for users. I also need to set an access level for 4 types of users. And I need to have an option such as "Remember Me".
Can someone tell me how to do this?
I have my Asp.Net 1.1 authentication code but I am having a few problems in converting it to Asp.Net 2.0.
Thank You Very Much, Miguel
My Asp.Net 1.1 Authentication Code is:
' Run Validation and Login If Form_Validation () = True Then
' Forms Authentication Initialization FormsAuthentica tion.Initialize ()
' Set Connection Dim connectionStrin g As String = System.Configur ation.Configura tionSettings.Ap pSettings("conn ectionString") Dim dbConnection As System.Data.IDb Connection = New System.Data.Ole Db.OleDbConnect ion(connectionS tring)
' Set Query Dim queryString As String = "SELECT [t_4web_users].[access_level] FROM [t_4web_users] WHERE (([t_4web_users].[username] = @page) AND ([t_4web_users].[password] = @password))"
' Set Command Dim dbCommand As System.Data.IDb Command = New System.Data.Ole Db.OleDbCommand dbCommand.Comma ndText = queryString dbCommand.Conne ction = dbConnection
' Add Parameters With dbCommand.Param eters .Add(New OleDbParameter( "@username" , tbusername.Text )) .Add(New OleDbParameter( "@password" , FormsAuthentica tion.HashPasswo rdForStoringInC onfigFile(tbpas sword.Text, "md5"))) End With
' Execute the Command dbConnection.Op en() Dim reader As OleDbDataReader = dbCommand.Execu teReader If reader.Read Then Dim ticket As FormsAuthentica tionTicket = New FormsAuthentica tionTicket(1, tbusername.Text , DateTime.Now, DateTime.Now.Ad dMinutes(30), True, reader.GetStrin g(0), FormsAuthentica tion.FormsCooki ePath) Dim hash As String = FormsAuthentica tion.Encrypt(ti cket) Dim cookie As HttpCookie = New HttpCookie(Form sAuthentication .FormsCookieNam e, hash) If ticket.IsPersis tent Then cookie.Expires = ticket.Expirati on End If Response.Cookie s.Add(cookie) Dim returnUrl As String = Request.QuerySt ring("ReturnUrl ") If returnUrl Is Nothing Then returnUrl = "index4web.aspx " End If Login_Error_Mes sage("none") Response.Redire ct(returnUrl) Else Login_Error_Mes sage("loginacce ssdenied") End If reader.Close() dbConnection.Cl ose()
Else End If
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Michael Foord |
last post by:
#!/usr/bin/python -u
# 15-09-04
# v1.0.0
# auth_example.py
# A simple script manually demonstrating basic authentication.
# Copyright Michael Foord
# Free to use, modify and relicense.
# No warranty express or implied for the accuracy, fitness to purpose
|
by: Bob Everland |
last post by:
I have an application that is ISAPI and the only way to
secure it is through NT permissions. I need to have a way
to login to windows authentication so that when I get to
the ISAPI application no boxes come up. I want an ASP page
to sit between the user and the ISAPI application. The
rest of my application is using authentication that is
database driven and wouldn't want the users to know the
userid and password. Is this possible? If so...
|
by: Billy Jacobs |
last post by:
I have a website which has both secure and non-secure
pages. I want to uses forms authentication. How do I
accomplish this?
Originally I had my web.config file in the root with Forms
Authentication set up and it worked just fine. Then I
realized that I needed to have some pages unsecure.
I then created 2 directories. One named Secure and the
other named Public. I placed my web.config file in my
|
by: Tom B |
last post by:
In my web.config file I've specified Windows for the authentication, in IIS
I've set it to Integrated Authentication.
But my SQL connection is still showing Anonymous.
Is there somewhere else I need to check?
Thanks
Win 2003, SQL Server 2000
|
by: Anonieko Ramos |
last post by:
ASP.NET Forms Authentication Best Practices
Dr. Dobb's Journal February 2004
Protecting user information is critical
By Douglas Reilly
Douglas is the author of Designing Microsoft ASP.NET Applications and
owner of Access Microsystems. Doug can be reached at
doug@accessmicrosystems.com.
--------------------------------------------------------------------------------
| |
by: Andrew |
last post by:
Hey all,
I would like to preface my question by stating I am still learning ASP.net
and while I am confident in the basics and foundation, the more advanced
stuff is still a challenge. Ok. :)
|
by: Albertas |
last post by:
What I'm doing wrong that I can't make my authentication to work.
Here is the situation: I'm hosting a Web Service from a Windows forms
application, using .NET Framework 3.0 WCF. And I want to implement user
authentication.
Here is my Web Service class called "methods":
public class Authentication : SoapHeader
{
public String user;
public String pwd;
|
by: troywalker |
last post by:
I am new to LDAP and Directory Services, and I have a project that
requires me to authenticate users against a Sun Java System Directory
Server in order to access the application. I have found dozens of
examples of how to authenticate users against Active Directory, but AD
seems to be a different animal than Sun Java System Directory Server.
Could someone provide me with an example of how to authenticate a user
against a Directory...
|
by: Frank Swarbrick |
last post by:
I am trying to understand "client authentication" works. My environment is
DB2/UDB LUW 8.2 on zSeries SLES9 as the database server and DB2 for VSE 7.4
as the client. We currently have DB2/LUW set up as follows:
Client Userid-Password Plugin (CLNT_PW_PLUGIN) =
Client Kerberos Plugin (CLNT_KRB_PLUGIN) =
Group Plugin (GROUP_PLUGIN) =
GSS Plugin for Local Authorization ...
|
by: Rory Becker |
last post by:
Having now created a Custom MembershipProvider that seems to work correctly
with my Logon and ChangePassword controls, I am, as they say, a happy bunny.
The next stange is to move on to the creation of content which adjusts based
on the user.
I have several pages which require a user to be logged on and several which
do not. Prior to this point in time I have used 2 different master pages.
one with a control which checks a session...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
| |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
|
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |