Forms Login/Logout

Discussion in 'ASP .Net' started by Brian Henry, Jul 3, 2004.

  1. Brian Henry

    Brian Henry Guest

    We have our windows forms login set up and working good, well it works at
    least, just now we need a logout button, so when you click on it, the user
    will be logged out of the authentication, how would we do this? this is how
    we are doing the login form

    ==[web config changes]=====
    <authentication mode="Forms">

    <forms loginUrl="/WebClient/SecurePages/logon.aspx" name="RSMNEmail"
    timeout="20" path="/"></forms>

    </authentication>

    <!-- AUTHORIZATION

    This section sets the authorization policies of the application. You can
    allow or deny access

    to application resources by user or role. Wildcards: "*" mean everyone, "?"
    means anonymous

    (unauthenticated) users.

    -->

    <authorization>

    <deny users="?" />

    <allow users="*" />


    <!-- Allow all users -->

    <!-- <allow users="[comma separated list of users]"

    roles="[comma separated list of roles]"/>

    <deny users="[comma separated list of users]"

    roles="[comma separated list of roles]"/>

    -->

    </authorization>





    =[ login form script]=======

    Imports System.Web.Security

    Imports System.Security

    Public Class Logon

    Inherits System.Web.UI.Page

    #Region " Web Form Designer Generated Code "

    'This call is required by the Web Form Designer.

    <System.Diagnostics.DebuggerStepThrough()> Private Sub InitializeComponent()

    End Sub

    Protected WithEvents txtUserName As System.Web.UI.WebControls.TextBox

    Protected WithEvents txtPassword As System.Web.UI.WebControls.TextBox

    Protected WithEvents lblInvalid As System.Web.UI.WebControls.Label

    Protected WithEvents btnLogin As System.Web.UI.WebControls.Button

    Protected WithEvents hlnkApplyUser As System.Web.UI.WebControls.HyperLink

    'NOTE: The following placeholder declaration is required by the Web Form
    Designer.

    'Do not delete or move it.

    Private designerPlaceholderDeclaration As System.Object

    Private Sub Page_Init(ByVal sender As System.Object, ByVal e As
    System.EventArgs) Handles MyBase.Init

    'CODEGEN: This method call is required by the Web Form Designer

    'Do not modify it using the code editor.

    InitializeComponent()

    End Sub

    #End Region


    Private Sub btnLogin_Click(ByVal sender As System.Object, ByVal e As
    System.EventArgs) Handles btnLogin.Click

    If txtUserName.Text <> "" And txtPassword.Text <> "" Then

    If database.msgConnection.State = ConnectionState.Closed Then

    database.msgConnection.Open()

    End If

    Dim cmdCheckUser As New SqlClient.SqlCommand("RSMN_CheckPassword",
    database.msgConnection)

    cmdCheckUser.CommandType = CommandType.StoredProcedure

    cmdCheckUser.Parameters.Add("@userName", SqlDbType.VarChar).Value =
    txtUserName.Text

    cmdCheckUser.Parameters.Add("@Password", SqlDbType.VarChar).Value =
    txtPassword.Text

    ' check login credentials against SQL Users's database for messaging system

    If DirectCast(cmdCheckUser.ExecuteScalar, Boolean) = True Then

    Dim loginAuthCookie As FormsAuthenticationTicket = New
    FormsAuthenticationTicket(1, txtUserName.Text, DateTime.Now,
    DateTime.Now.AddMinutes(20), False, "WebUser")

    Dim encryptedTicket As String = FormsAuthentication.Encrypt(loginAuthCookie)

    Dim authCookie As HttpCookie = New
    HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)

    Response.Cookies.Add(authCookie)

    Response.Redirect("Inbox.aspx", True)

    Else

    lblInvalid.Visible = True

    End If

    If database.msgConnection.State = ConnectionState.Open Then

    database.msgConnection.Close()

    End If

    Else

    lblInvalid.Visible = True

    End If

    End Sub

    End Class





    now on the main page after they logon there is a button that says logoff,
    when they click on it we want them loged out of the system and redirected to
    the logon page, how to do this? thanks
     
    Brian Henry, Jul 3, 2004
    #1
    1. Advertising

  2. Hi Brian,

    FormsAuthentication.SignOut() is what you need.
    It deletes the authentication cookie.

    HTH,
    Stefano Mostarda MCP
    Rome Italy;

    Brian Henry wrote:

    > We have our windows forms login set up and working good, well it works at
    > least, just now we need a logout button, so when you click on it, the user
    > will be logged out of the authentication, how would we do this? this is how
    > we are doing the login form
    >
    > ==[web config changes]=====
    > <authentication mode="Forms">
    >
    > <forms loginUrl="/WebClient/SecurePages/logon.aspx" name="RSMNEmail"
    > timeout="20" path="/"></forms>
    >
    > </authentication>
    >
    > <!-- AUTHORIZATION
    >
    > This section sets the authorization policies of the application. You can
    > allow or deny access
    >
    > to application resources by user or role. Wildcards: "*" mean everyone, "?"
    > means anonymous
    >
    > (unauthenticated) users.
    >
    > -->
    >
    > <authorization>
    >
    > <deny users="?" />
    >
    > <allow users="*" />
    >
    >
    > <!-- Allow all users -->
    >
    > <!-- <allow users="[comma separated list of users]"
    >
    > roles="[comma separated list of roles]"/>
    >
    > <deny users="[comma separated list of users]"
    >
    > roles="[comma separated list of roles]"/>
    >
    > -->
    >
    > </authorization>
    >
    >
    >
    >
    >
    > =[ login form script]=======
    >
    > Imports System.Web.Security
    >
    > Imports System.Security
    >
    > Public Class Logon
    >
    > Inherits System.Web.UI.Page
    >
    > #Region " Web Form Designer Generated Code "
    >
    > 'This call is required by the Web Form Designer.
    >
    > <System.Diagnostics.DebuggerStepThrough()> Private Sub InitializeComponent()
    >
    > End Sub
    >
    > Protected WithEvents txtUserName As System.Web.UI.WebControls.TextBox
    >
    > Protected WithEvents txtPassword As System.Web.UI.WebControls.TextBox
    >
    > Protected WithEvents lblInvalid As System.Web.UI.WebControls.Label
    >
    > Protected WithEvents btnLogin As System.Web.UI.WebControls.Button
    >
    > Protected WithEvents hlnkApplyUser As System.Web.UI.WebControls.HyperLink
    >
    > 'NOTE: The following placeholder declaration is required by the Web Form
    > Designer.
    >
    > 'Do not delete or move it.
    >
    > Private designerPlaceholderDeclaration As System.Object
    >
    > Private Sub Page_Init(ByVal sender As System.Object, ByVal e As
    > System.EventArgs) Handles MyBase.Init
    >
    > 'CODEGEN: This method call is required by the Web Form Designer
    >
    > 'Do not modify it using the code editor.
    >
    > InitializeComponent()
    >
    > End Sub
    >
    > #End Region
    >
    >
    > Private Sub btnLogin_Click(ByVal sender As System.Object, ByVal e As
    > System.EventArgs) Handles btnLogin.Click
    >
    > If txtUserName.Text <> "" And txtPassword.Text <> "" Then
    >
    > If database.msgConnection.State = ConnectionState.Closed Then
    >
    > database.msgConnection.Open()
    >
    > End If
    >
    > Dim cmdCheckUser As New SqlClient.SqlCommand("RSMN_CheckPassword",
    > database.msgConnection)
    >
    > cmdCheckUser.CommandType = CommandType.StoredProcedure
    >
    > cmdCheckUser.Parameters.Add("@userName", SqlDbType.VarChar).Value =
    > txtUserName.Text
    >
    > cmdCheckUser.Parameters.Add("@Password", SqlDbType.VarChar).Value =
    > txtPassword.Text
    >
    > ' check login credentials against SQL Users's database for messaging system
    >
    > If DirectCast(cmdCheckUser.ExecuteScalar, Boolean) = True Then
    >
    > Dim loginAuthCookie As FormsAuthenticationTicket = New
    > FormsAuthenticationTicket(1, txtUserName.Text, DateTime.Now,
    > DateTime.Now.AddMinutes(20), False, "WebUser")
    >
    > Dim encryptedTicket As String = FormsAuthentication.Encrypt(loginAuthCookie)
    >
    > Dim authCookie As HttpCookie = New
    > HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
    >
    > Response.Cookies.Add(authCookie)
    >
    > Response.Redirect("Inbox.aspx", True)
    >
    > Else
    >
    > lblInvalid.Visible = True
    >
    > End If
    >
    > If database.msgConnection.State = ConnectionState.Open Then
    >
    > database.msgConnection.Close()
    >
    > End If
    >
    > Else
    >
    > lblInvalid.Visible = True
    >
    > End If
    >
    > End Sub
    >
    > End Class
    >
    >
    >
    >
    >
    > now on the main page after they logon there is a button that says logoff,
    > when they click on it we want them loged out of the system and redirected to
    > the logon page, how to do this? thanks
    >
    >
     
    Stefano Mostarda, Jul 3, 2004
    #2
    1. Advertising

  3. Brian Henry

    Brian Henry Guest

    thanks!


    "Stefano Mostarda" <> wrote in message
    news:...
    > Hi Brian,
    >
    > FormsAuthentication.SignOut() is what you need.
    > It deletes the authentication cookie.
    >
    > HTH,
    > Stefano Mostarda MCP
    > Rome Italy;
    >
    > Brian Henry wrote:
    >
    > > We have our windows forms login set up and working good, well it works

    at
    > > least, just now we need a logout button, so when you click on it, the

    user
    > > will be logged out of the authentication, how would we do this? this is

    how
    > > we are doing the login form
    > >
    > > ==[web config changes]=====
    > > <authentication mode="Forms">
    > >
    > > <forms loginUrl="/WebClient/SecurePages/logon.aspx" name="RSMNEmail"
    > > timeout="20" path="/"></forms>
    > >
    > > </authentication>
    > >
    > > <!-- AUTHORIZATION
    > >
    > > This section sets the authorization policies of the application. You can
    > > allow or deny access
    > >
    > > to application resources by user or role. Wildcards: "*" mean everyone,

    "?"
    > > means anonymous
    > >
    > > (unauthenticated) users.
    > >
    > > -->
    > >
    > > <authorization>
    > >
    > > <deny users="?" />
    > >
    > > <allow users="*" />
    > >
    > >
    > > <!-- Allow all users -->
    > >
    > > <!-- <allow users="[comma separated list of users]"
    > >
    > > roles="[comma separated list of roles]"/>
    > >
    > > <deny users="[comma separated list of users]"
    > >
    > > roles="[comma separated list of roles]"/>
    > >
    > > -->
    > >
    > > </authorization>
    > >
    > >
    > >
    > >
    > >
    > > =[ login form script]=======
    > >
    > > Imports System.Web.Security
    > >
    > > Imports System.Security
    > >
    > > Public Class Logon
    > >
    > > Inherits System.Web.UI.Page
    > >
    > > #Region " Web Form Designer Generated Code "
    > >
    > > 'This call is required by the Web Form Designer.
    > >
    > > <System.Diagnostics.DebuggerStepThrough()> Private Sub

    InitializeComponent()
    > >
    > > End Sub
    > >
    > > Protected WithEvents txtUserName As System.Web.UI.WebControls.TextBox
    > >
    > > Protected WithEvents txtPassword As System.Web.UI.WebControls.TextBox
    > >
    > > Protected WithEvents lblInvalid As System.Web.UI.WebControls.Label
    > >
    > > Protected WithEvents btnLogin As System.Web.UI.WebControls.Button
    > >
    > > Protected WithEvents hlnkApplyUser As

    System.Web.UI.WebControls.HyperLink
    > >
    > > 'NOTE: The following placeholder declaration is required by the Web Form
    > > Designer.
    > >
    > > 'Do not delete or move it.
    > >
    > > Private designerPlaceholderDeclaration As System.Object
    > >
    > > Private Sub Page_Init(ByVal sender As System.Object, ByVal e As
    > > System.EventArgs) Handles MyBase.Init
    > >
    > > 'CODEGEN: This method call is required by the Web Form Designer
    > >
    > > 'Do not modify it using the code editor.
    > >
    > > InitializeComponent()
    > >
    > > End Sub
    > >
    > > #End Region
    > >
    > >
    > > Private Sub btnLogin_Click(ByVal sender As System.Object, ByVal e As
    > > System.EventArgs) Handles btnLogin.Click
    > >
    > > If txtUserName.Text <> "" And txtPassword.Text <> "" Then
    > >
    > > If database.msgConnection.State = ConnectionState.Closed Then
    > >
    > > database.msgConnection.Open()
    > >
    > > End If
    > >
    > > Dim cmdCheckUser As New SqlClient.SqlCommand("RSMN_CheckPassword",
    > > database.msgConnection)
    > >
    > > cmdCheckUser.CommandType = CommandType.StoredProcedure
    > >
    > > cmdCheckUser.Parameters.Add("@userName", SqlDbType.VarChar).Value =
    > > txtUserName.Text
    > >
    > > cmdCheckUser.Parameters.Add("@Password", SqlDbType.VarChar).Value =
    > > txtPassword.Text
    > >
    > > ' check login credentials against SQL Users's database for messaging

    system
    > >
    > > If DirectCast(cmdCheckUser.ExecuteScalar, Boolean) = True Then
    > >
    > > Dim loginAuthCookie As FormsAuthenticationTicket = New
    > > FormsAuthenticationTicket(1, txtUserName.Text, DateTime.Now,
    > > DateTime.Now.AddMinutes(20), False, "WebUser")
    > >
    > > Dim encryptedTicket As String =

    FormsAuthentication.Encrypt(loginAuthCookie)
    > >
    > > Dim authCookie As HttpCookie = New
    > > HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
    > >
    > > Response.Cookies.Add(authCookie)
    > >
    > > Response.Redirect("Inbox.aspx", True)
    > >
    > > Else
    > >
    > > lblInvalid.Visible = True
    > >
    > > End If
    > >
    > > If database.msgConnection.State = ConnectionState.Open Then
    > >
    > > database.msgConnection.Close()
    > >
    > > End If
    > >
    > > Else
    > >
    > > lblInvalid.Visible = True
    > >
    > > End If
    > >
    > > End Sub
    > >
    > > End Class
    > >
    > >
    > >
    > >
    > >
    > > now on the main page after they logon there is a button that says

    logoff,
    > > when they click on it we want them loged out of the system and

    redirected to
    > > the logon page, how to do this? thanks
    > >
    > >
     
    Brian Henry, Jul 4, 2004
    #3
  4. Brian Henry

    swati254

    Joined:
    May 28, 2008
    Messages:
    11
    proper signout

    in my application there is a section which open in a new window called blog.
    problem is that --in this new window section there is a admin part which is opend after logon.the problem is that if i close the new window without logout.next time when i open blog from main application it open already in login mode. what i do?
    my code to logout is:

    private void Page_Load(object sender, System.EventArgs e)
    {
    if(!Page.IsPostBack)
    {
    fill();
    fill_dg_editcomment();
    }
    Response.Cache.SetNoStore();
    if(Session["uid"]==null)
    {
    Response.Redirect("../login.aspx");
    }
    else
    {
    lbluid.Text="Welcome! "+Session["uid"].ToString();
    }
    //User.Identity.Name;// Put user code to initialize the page here
    }


    private void lbtnsignout_Click(object sender, System.EventArgs e)
    {
    Session.Abandon();
    Response.Cookies.Clear();
    FormsAuthentication.SignOut();
    Response.Redirect("../showblogs.aspx");
    }
     
    swati254, Jun 4, 2008
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. MichaelR

    Login / Logout

    MichaelR, Jan 5, 2005, in forum: ASP .Net
    Replies:
    1
    Views:
    5,779
    Karl Seguin
    Jan 5, 2005
  2. =?Utf-8?B?dmE=?=

    RE: Logout status doesn't really logout?

    =?Utf-8?B?dmE=?=, Mar 26, 2006, in forum: ASP .Net
    Replies:
    0
    Views:
    593
    =?Utf-8?B?dmE=?=
    Mar 26, 2006
  3. =?Utf-8?B?RFdT?=

    RE: Logout status doesn't really logout?

    =?Utf-8?B?RFdT?=, Mar 26, 2006, in forum: ASP .Net
    Replies:
    0
    Views:
    590
    =?Utf-8?B?RFdT?=
    Mar 26, 2006
  4. =?Utf-8?B?dmE=?=

    Logout status doesn't really logout?

    =?Utf-8?B?dmE=?=, Mar 26, 2006, in forum: ASP .Net
    Replies:
    1
    Views:
    701
    =?Utf-8?B?dmE=?=
    Mar 26, 2006
  5. Barry Margolin

    Login, fill in forms, logout

    Barry Margolin, Feb 19, 2004, in forum: Javascript
    Replies:
    3
    Views:
    138
    Lasse Reichstein Nielsen
    Feb 19, 2004
Loading...

Share This Page