W
wei
LoginPage.aspx:
<%@ Page %>
<html>
<body>
<h1>Please Log In</h1>
<hr>
<form runat="server">
<asp:TextBox ID="UserName" RunAt="server" />
<asp:TextBox ID="Password" TextMode="password" RunAt="server" />
<asp:Button Text="Log In" OnClick="OnLogIn" RunAt="server" />
<asp:Label ID="Output" RunAt="server" />
</form>
</body>
</html>
<script language="C#" runat="server">
void OnLogIn (Object sender, EventArgs e)
{
if (FormsAuthentication.Authenticate (UserName.Text,
Password.Text))
FormsAuthentication.RedirectFromLoginPage (UserName.Text,
false);
else
Output.Text = "Invalid login";
}
</script>
-------------------------------------------------------------------
Web.config
<configuration>
<system.web>
<authentication mode="Forms">
<forms loginUrl="LoginPage.aspx" timeout="1">
<credentials passwordFormat="Clear">
<user name="Jeff" password="imbatman" />
<user name="John" password="redrover" />
<user name="Bob" password="mxyzptlk" />
<user name="Alice" password="nomalice" />
<user name="Mary" password="contrary" />
</credentials>
</forms>
</authentication>
</system.web>
</configuration>
===============================================================
ProtectedPage.aspx
<%@ Page Language="C#" %>
<html>
<body>
<h1>Protected Page</h1>
<hr><br>
<% Response.Write (Context.User.Identity.Name + ": "); %>
Be careful investing your money in dot-coms.
</body>
</html>
------------------------------------------------------------
Web.config
<configuration>
<system.web>
<authorization>
<allow users="Jeff"/>
<deny users="*" />
</authorization>
</system.web>
</configuration>
i have a sample applicatin (sources are above). LoginPage.aspx and the
first Web.config are in the application root directory and
ProtectedPage.aspx and the other Web.config are in a subdirectory. when
ProtectedPage.aspx is called, it will redirect to LoginPage.aspx to
authenticate user. if true, it goes back to ProtectedPage.aspx. in the
second Web.config file,an authorization is added to allow "Jeff" only to
access to this page, other authenticated users are denied and it goes back
to LoginPage. so how do i in the code detect a user is denied? where should
i add?
thank you for help.
<%@ Page %>
<html>
<body>
<h1>Please Log In</h1>
<hr>
<form runat="server">
<asp:TextBox ID="UserName" RunAt="server" />
<asp:TextBox ID="Password" TextMode="password" RunAt="server" />
<asp:Button Text="Log In" OnClick="OnLogIn" RunAt="server" />
<asp:Label ID="Output" RunAt="server" />
</form>
</body>
</html>
<script language="C#" runat="server">
void OnLogIn (Object sender, EventArgs e)
{
if (FormsAuthentication.Authenticate (UserName.Text,
Password.Text))
FormsAuthentication.RedirectFromLoginPage (UserName.Text,
false);
else
Output.Text = "Invalid login";
}
</script>
-------------------------------------------------------------------
Web.config
<configuration>
<system.web>
<authentication mode="Forms">
<forms loginUrl="LoginPage.aspx" timeout="1">
<credentials passwordFormat="Clear">
<user name="Jeff" password="imbatman" />
<user name="John" password="redrover" />
<user name="Bob" password="mxyzptlk" />
<user name="Alice" password="nomalice" />
<user name="Mary" password="contrary" />
</credentials>
</forms>
</authentication>
</system.web>
</configuration>
===============================================================
ProtectedPage.aspx
<%@ Page Language="C#" %>
<html>
<body>
<h1>Protected Page</h1>
<hr><br>
<% Response.Write (Context.User.Identity.Name + ": "); %>
Be careful investing your money in dot-coms.
</body>
</html>
------------------------------------------------------------
Web.config
<configuration>
<system.web>
<authorization>
<allow users="Jeff"/>
<deny users="*" />
</authorization>
</system.web>
</configuration>
i have a sample applicatin (sources are above). LoginPage.aspx and the
first Web.config are in the application root directory and
ProtectedPage.aspx and the other Web.config are in a subdirectory. when
ProtectedPage.aspx is called, it will redirect to LoginPage.aspx to
authenticate user. if true, it goes back to ProtectedPage.aspx. in the
second Web.config file,an authorization is added to allow "Jeff" only to
access to this page, other authenticated users are denied and it goes back
to LoginPage. so how do i in the code detect a user is denied? where should
i add?
thank you for help.