Skip to main content

ASP.NET custom forms authentication - Part I


Forms authentication is generally used in internet facing applications. ASP.NET provides easy to use Membership Providers, Role providers etc. But some times we do need to right custom authentication code. That is what we are going to discuss today.


Let us start with points to be considered:  
Note: I am going to use cookie for state management.


We need cookie for forms authentication.
We need cookie for session management.
We need to clear and abandon the session on logout. 
We need to clear authentication ticket too.


Web.config
Here we have set the name for the authentication cookie. We have set the loginUrl - URL of the login page. We have set a defaultUrl - URL of the page where the user will be re-directed after login.


for other attributes please visit this MSDN page.


Authentication
On (say) login button click write this code


    protected void btnLogin_Click(object sender, EventArgs e)
    {  
         if(Valid(userid,password))
         {
             if (Request.QueryString["ReturnUrl"] != null)
      {
        FormsAuthentication.RedirectFromLoginPage(UserID, false);
      }
      else
      {
        FormsAuthentication.SetAuthCookie(UserID, false);
        Response.Redirect("~/Pages/Home.aspx");
      }
         }
         else
         {
            Do something....
          }
    }


Here Valid() is the custom function which validates the user. UserID has been passed RedirectFromLoginPage and SetAuthCookie functions as this will be used to set the user in context.


LoginStatus control (for logout)
protected void UserLoginStatus_LoggingOut(object sender, LoginCancelEventArgs e)
{        
  Session.Clear();
  Session.Abandon();
  FormsAuthentication.SignOut();
}


In the next part we will look deeper into this. This post was just to get the work done :D. ( Next Article - Part 2)


Hope this will be helpful. Happy Coding!!!
Labels:

Comments

Post a Comment

Popular posts from this blog

Create a background / taskbar application in c# .NET

Recently, I was working on integration of two windows applications. First application will launch the second application on login and then they both will communicate using pre-defined set of instructions. There were some complications (I am not going into them) and thus we decided to have a third application which actually will act as mediator. First application will launch the mediator (third application) and it will launch the second application. For this purpose we needed to create a task bar application (which will run in background). How To ·          Create a new windows project and delete the default form (Form1). ·          In Program.cs create a new class and inherit it from Form. ·          Please refer the code below. ·          Now change the Main method. In Application.Run change the startup objec...
2 comments
Read more

Check SQL Server Job status (State) using sp_help_job and xp_sqlagent_enum_jobs

This article is about checking the status of a SQL job. In our work place we have lot of SQL jobs. These jobs will run whole day and are business critical. They will load the data and generate extracts which will be used by business people. Thus, it becomes quite essential to support the system efficiently so that the job finishes in time and as desired. Also, while designing a new system sometimes we need to check the dependency of one job over another. In such scenario we need to check whether a particular job has finished or not. All this can be achieved in SQL Server by using the procedures:- sp_help_job xp_sqlagent_enum_jobs Note: xp_sqlagent_enum_jobs is an undocumented proc inside of sp_help_job and is used extensively to get SQL agent job information. sp_help_job: This procedure gives some insight into the status, and information, about a job. This stored procedure provides information such as last start time, job status etc. Syntax sp_help_job { [ @job_id= ] jo...
2 comments
Read more

Java 8 JMX Default Metrics

This is more of a note. Here you can find default types and attributes for JMX on top of Java 8. Code: I will clean and explain it later :( private static void WriteAttributes(final MBeanServer mBeanServer, final ObjectName http) throws InstanceNotFoundException, IntrospectionException, ReflectionException { MBeanInfo info = mBeanServer.getMBeanInfo(http); MBeanAttributeInfo[] attrInfo = info.getAttributes(); System.out.println("Attributes for object: " + http +":\n"); for (MBeanAttributeInfo attr : attrInfo) { System.out.println(" " + attr.getName() + "\n"); } } Attributes for object: java.lang:type=MemoryPool,name=Metaspace:   Name   Type   Valid   Usage   PeakUsage   MemoryManagerNames   UsageThreshold   UsageThresholdExceeded   UsageThresholdCount   UsageThresholdSupported   CollectionUsageThreshold   Collectio...
Post a Comment
Read more