Web Config and code for forms authentication in .net
Here's the forms authentication code that I always seem to forget.
Blatantly stolen from http://www.4guysfromrolla.com/webtech/110701-1.2.shtml and http://support.microsoft.com/kb/316871
Blatantly stolen from http://www.4guysfromrolla.com/webtech/110701-1.2.shtml and http://support.microsoft.com/kb/316871
Sub Submit_OnClick(sender as Object, e as EventArgs) If MyCustomMethod (txtUserName.Text, txtPassword.Text) Then FormsAuthentication.RedirectFromLoginPage (txtUserName.Text, False) Else ' Invalid credentials supplied, display message lblMessage.Text = "Invalid login credentials" End If End Sub
<configuration> <system.web> <authentication mode="Forms" > <forms loginUrl="login.aspx" name=".ASPNETAUTH" protection="None" path="/" timeout="20" > </forms> </authentication> <!-- This section denies access to all files in this application except for those that you have not explicitly specified by using another setting. --> <authorization> <deny users="?" /> </authorization> </system.web> <!-- This section gives the unauthenticated user access to the Default1.aspx page only. It is located in the same folder as this configuration file. --> <location path="default1.aspx"> <system.web> <authorization> <allow users ="*" /> </authorization> </system.web> </location> <!-- This section gives the unauthenticated user access to all of the files that are stored in the Subdir1 folder. --> <location path="subdir1"> <system.web> <authorization> <allow users ="*" /> </authorization> </system.web> </location> </configuration>
