Authentication Doubt

My website has several pages .

the user shouldnt able to access any pages without authentication ,

i created login page also ,which is working well , but if i click or enter that particular url it goes to its respective page  . But i need to show the login page aftr authentication only , the user can surf my webpages .  


  Just like this Site .....
<?xml version="1.0"?>
<!-- 
    Note: As an alternative to hand editing this file you can use the 
    web admin tool to configure settings for your application. Use
    the Website->Asp.Net Configuration option in Visual Studio.
    A full list of settings and comments can be found in 
    machine.config.comments usually located in 
    \Windows\Microsoft.Net\Framework\v2.x\Config 
-->
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
  <appSettings>
    <add key="cons"  value="server=65.182.104.237,3628 ; database=virfolks;uid=virfolks;pwd=saiUSA"/>   
  </appSettings>
	<connectionStrings>
  <add name="tonivtreepConnectionString" connectionString="server=65.182.104.237,3628 ; database=virfolks;uid=virfolks;pwd=saiUSA"
   providerName="System.Data.SqlClient" />
  <add name="tonivtreepConnectionString2" connectionString="server=65.182.104.237,3628 ; database=virfolks;uid=virfolks;pwd=saiUSA"
   providerName="System.Data.SqlClient" />
  <add name="tonivtreepConnectionString3" connectionString="server=65.182.104.237,3628 ; database=virfolks;uid=virfolks;pwd=saiUSA"
   providerName="System.Data.SqlClient" />
  <add name="tonivtreepConnectionString4" connectionString="server=65.182.104.237,3628 ; database=virfolks;uid=virfolks;pwd=saiUSA"
   providerName="System.Data.SqlClient" />
 </connectionStrings>
	<system.web>
    <authentication mode="Forms">
      <forms    name=".ASPXAUTH" 
                    loginUrl="Login.aspx" 
                    protection="All" 
                    timeout="30" 
                    path="/"
                    requireSSL="false" 
                    slidingExpiration="true" 
                    defaultUrl="Login.aspx" 
                    cookieless="UseDeviceProfile" 
                    enableCrossAppRedirects="false"/>
    </authentication>
 
 
    <!-- 
            Set compilation debug="true" to insert debugging 
            symbols into the compiled page. Because this 
            affects performance, set this value to true only 
            during development.
        -->
  <roleManager enabled="true" />
  <compilation debug="true"/>
		<!--
            The <authentication> section enables configuration 
            of the security authentication mode used by 
            ASP.NET to identify an incoming user. 
        -->
  <!--
            The <customErrors> section enables configuration 
            of what to do if/when an unhandled error occurs 
            during the execution of a request. Specifically, 
            it enables developers to configure html error pages 
            to be displayed in place of a error stack trace.
 
        <customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
            <error statusCode="403" redirect="NoAccess.htm" />
            <error statusCode="404" redirect="FileNotFound.htm" />
        </customErrors>
        -->
	</system.web>
</configuration>

Open in new window

LVL 18
Rajar AhmedConsultantAsked:
Who is Participating?
 
varungdConnect With a Mentor Commented:
Remove
 Response.Redirect("default.aspx");
from the login page and give the redirect page in the webconfig
Try like this....
 

In WebConfig
 
 
 <authentication mode="Forms">
      <forms    name=".ASPXAUTH" 
                    loginUrl="Login.aspx" 
                    protection="All" 
                    timeout="30" 
                    path="/"
                    requireSSL="false" 
                    slidingExpiration="true" 
                    defaultUrl="default.aspx" 
                    cookieless="UseDeviceProfile" 
                    enableCrossAppRedirects="false"/>
    </authentication>
<authorization>
			<deny users="?" />
		</authorization>
 
 
 
 
 
c#
 
 
if (Authenticated == true)
        {
           FormsAuthentication.RedirectFromLoginPage(Login1.UserName, false);        
}

Open in new window

0
 
sm394Connect With a Mentor Commented:
try adding this tag
<authorization>
                  <deny users="?" />
                  <allow users="*" />
            </authorization>
0
 
Rajar AhmedConsultantAuthor Commented:
my page is on the same login page only, even its right username and password.......
Not messaging any failure text also . but not entering to other page ..
protected void Page_Load(object sender, EventArgs e)
    {
 
    }
    protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
    {
        bool Authenticated = false;
        Authenticated = Authenmethod(Login1.UserName, Login1.Password);
        e.Authenticated = Authenticated;
        if (Authenticated == true)
        {
            Response.Redirect("default.aspx");
        }
 
 
    }
    private bool Authenmethod(string UserName, string Password)
    {
        bool boolReturnValue = false;
        // Insert code that implements a site-specific custom 
        // authentication method here.
        // This example implementation always returns false.
        string strConnection = ConfigurationManager.AppSettings["cons"];
        SqlConnection Connection = new SqlConnection(strConnection);
        String strSQL = "Select * From login";
        SqlCommand command = new SqlCommand(strSQL, Connection);
        SqlDataReader Dr;
        Connection.Open();
        Dr = command.ExecuteReader();
        while (Dr.Read())
        {
            if ((UserName == Dr["name"].ToString()) & (Password == Dr["Password"].ToString()))
            {
                boolReturnValue = true;
            }
            //Dr.Close();
            
        }
        return boolReturnValue;
    }

Open in new window

0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
sm394Connect With a Mentor Commented:
put break point on there and check  if Authenticated do you go to default.aspx

if (Authenticated == true)
        {
            Response.Redirect("default.aspx");
        }
0
 
Rajar AhmedConsultantAuthor Commented:
its entering into that loop also
Response.Redirect("default.aspx");

but the page is still in login.page

This was the url...
http://localhost:3121/dsfafafs/Login.aspx?ReturnUrl=%2ffoodbegin1%2fdefault.aspx

I want it like this....
http://localhost:3121/foodbegin1/default.aspx 
0
 
sm394Commented:
are you using built in login control
0
 
Rajar AhmedConsultantAuthor Commented:
s . .
0
 
Rajar AhmedConsultantAuthor Commented:

how to logout  . wether to be used in web.config . are any button can be used ?
0
 
varungdCommented:
If u need to logout use button and write the codes in the event of that button.
0
 
Rajar AhmedConsultantAuthor Commented:
thanks for help...

formsauthentication.signout();

Worked


Thanks again...
0
 
Rajar AhmedConsultantAuthor Commented:
issue solved . logout working cool...

But if i press back button i can able to see the content page of the site ,..why dat so .....??
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.