Basic Login Problem

  • Thread starter Thread starter Ben
  • Start date Start date
B

Ben

Hi

I have the below code and am having problems with it, i get transferred to
the logindenied.aspx whether the credentials are correct or not.

Also once authenticated I want to forward the user to auth.aspx. How would
I do this?

Any help would be much appreciated.

Thanks B

Private Sub LoginButton_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles LoginButton.Click

If FormsAuthentication.Authenticate(UsernameTextBox.Text,
PasswordTextBox.Text) Then

FormsAuthentication.RedirectFromLoginPage(UsernameTextBox.Text, True)

Else

Server.Transfer("logindenied.aspx")

End If

End Sub

web.config........................

<authentication mode="Forms">

<forms name="appNameAuth" path="/" loginUrl="adminlogin.aspx"
protection="All" timeout="15">

<credentials passwordFormat="SHA1" >

<user name="myusername" password="myPassword"/>

< /credentials>

</forms>

</authentication>
 
Hello
Dear Ben

Plz change your passwordFormat type in Web.config File to "Clear"
as it expects the Password in SHA1 encryped format..which you not writed in
web.config file.

thanks
Malik Asif
 
you have specified passwordFormat="SHA1". However, the passwords are
clearly not encoded with SHA1. either encode the passwords in the config
file or use passwordformat="Clear"
 
Thank you both,

Now it forwards me to default.aspx when authenticated, is there any method
of specifying where to forward when setting the user as authenticated?

Thanks
B
 
Ben said:
Thank you both,

Now it forwards me to default.aspx when authenticated, is there any method
of specifying where to forward when setting the user as authenticated?
Click to expand...

you can invoke LoginPage.aspx?ReturnUrl=<your main page>. however, this will
not work if the user just goes directly to the login page.

alternatively, instead of using RedirectFromLoginPage() you can call
SetAuthCookie() and then do your own redirect

however, as best practice I would normally recommend:

1. have the "home page" of your app called default.aspx

2. make sure IIS knows this is the default page (so the user can leave off
the /default.aspx if they want)

3. don't explicitly link to the login page; link to default.aspx instead and
this will automatically go through the login process if they aren't logged
in
 
Back
Top