Authentication Doubt

My website has several pages .

the user shouldnt able to access any pages without authentication ,

i created login page also ,which is working well , but if i click or enter that particular url it goes to its respective page  . But i need to show the login page aftr authentication only , the user can surf my webpages .  


  Just like this Site .....
<?xml version="1.0"?>
<!-- 
    Note: As an alternative to hand editing this file you can use the 
    web admin tool to configure settings for your application. Use
    the Website->Asp.Net Configuration option in Visual Studio.
    A full list of settings and comments can be found in 
    machine.config.comments usually located in 
    \Windows\Microsoft.Net\Framework\v2.x\Config 
-->
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
  <appSettings>
    <add key="cons"  value="server=65.182.104.237,3628 ; database=virfolks;uid=virfolks;pwd=saiUSA"/>   
  </appSettings>
	<connectionStrings>
  <add name="tonivtreepConnectionString" connectionString="server=65.182.104.237,3628 ; database=virfolks;uid=virfolks;pwd=saiUSA"
   providerName="System.Data.SqlClient" />
  <add name="tonivtreepConnectionString2" connectionString="server=65.182.104.237,3628 ; database=virfolks;uid=virfolks;pwd=saiUSA"
   providerName="System.Data.SqlClient" />
  <add name="tonivtreepConnectionString3" connectionString="server=65.182.104.237,3628 ; database=virfolks;uid=virfolks;pwd=saiUSA"
   providerName="System.Data.SqlClient" />
  <add name="tonivtreepConnectionString4" connectionString="server=65.182.104.237,3628 ; database=virfolks;uid=virfolks;pwd=saiUSA"
   providerName="System.Data.SqlClient" />
 </connectionStrings>
	<system.web>
    <authentication mode="Forms">
      <forms    name=".ASPXAUTH" 
                    loginUrl="Login.aspx" 
                    protection="All" 
                    timeout="30" 
                    path="/"
                    requireSSL="false" 
                    slidingExpiration="true" 
                    defaultUrl="Login.aspx" 
                    cookieless="UseDeviceProfile" 
                    enableCrossAppRedirects="false"/>
    </authentication>
 
 
    <!-- 
            Set compilation debug="true" to insert debugging 
            symbols into the compiled page. Because this 
            affects performance, set this value to true only 
            during development.
        -->
  <roleManager enabled="true" />
  <compilation debug="true"/>
		<!--
            The <authentication> section enables configuration 
            of the security authentication mode used by 
            ASP.NET to identify an incoming user. 
        -->
  <!--
            The <customErrors> section enables configuration 
            of what to do if/when an unhandled error occurs 
            during the execution of a request. Specifically, 
            it enables developers to configure html error pages 
            to be displayed in place of a error stack trace.
 
        <customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
            <error statusCode="403" redirect="NoAccess.htm" />
            <error statusCode="404" redirect="FileNotFound.htm" />
        </customErrors>
        -->
	</system.web>
</configuration>

Open in new window

LVL 18
Rajar AhmedConsultantAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

sm394Commented:
try adding this tag
<authorization>
                  <deny users="?" />
                  <allow users="*" />
            </authorization>
0
Rajar AhmedConsultantAuthor Commented:
my page is on the same login page only, even its right username and password.......
Not messaging any failure text also . but not entering to other page ..
protected void Page_Load(object sender, EventArgs e)
    {
 
    }
    protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
    {
        bool Authenticated = false;
        Authenticated = Authenmethod(Login1.UserName, Login1.Password);
        e.Authenticated = Authenticated;
        if (Authenticated == true)
        {
            Response.Redirect("default.aspx");
        }
 
 
    }
    private bool Authenmethod(string UserName, string Password)
    {
        bool boolReturnValue = false;
        // Insert code that implements a site-specific custom 
        // authentication method here.
        // This example implementation always returns false.
        string strConnection = ConfigurationManager.AppSettings["cons"];
        SqlConnection Connection = new SqlConnection(strConnection);
        String strSQL = "Select * From login";
        SqlCommand command = new SqlCommand(strSQL, Connection);
        SqlDataReader Dr;
        Connection.Open();
        Dr = command.ExecuteReader();
        while (Dr.Read())
        {
            if ((UserName == Dr["name"].ToString()) & (Password == Dr["Password"].ToString()))
            {
                boolReturnValue = true;
            }
            //Dr.Close();
            
        }
        return boolReturnValue;
    }

Open in new window

0
sm394Commented:
put break point on there and check  if Authenticated do you go to default.aspx

if (Authenticated == true)
        {
            Response.Redirect("default.aspx");
        }
0
Exploring ASP.NET Core: Fundamentals

Learn to build web apps and services, IoT apps, and mobile backends by covering the fundamentals of ASP.NET Core and  exploring the core foundations for app libraries.

Rajar AhmedConsultantAuthor Commented:
its entering into that loop also
Response.Redirect("default.aspx");

but the page is still in login.page

This was the url...
http://localhost:3121/dsfafafs/Login.aspx?ReturnUrl=%2ffoodbegin1%2fdefault.aspx

I want it like this....
http://localhost:3121/foodbegin1/default.aspx 
0
sm394Commented:
are you using built in login control
0
Rajar AhmedConsultantAuthor Commented:
s . .
0
varungdCommented:
Remove
 Response.Redirect("default.aspx");
from the login page and give the redirect page in the webconfig
Try like this....
 

In WebConfig
 
 
 <authentication mode="Forms">
      <forms    name=".ASPXAUTH" 
                    loginUrl="Login.aspx" 
                    protection="All" 
                    timeout="30" 
                    path="/"
                    requireSSL="false" 
                    slidingExpiration="true" 
                    defaultUrl="default.aspx" 
                    cookieless="UseDeviceProfile" 
                    enableCrossAppRedirects="false"/>
    </authentication>
<authorization>
			<deny users="?" />
		</authorization>
 
 
 
 
 
c#
 
 
if (Authenticated == true)
        {
           FormsAuthentication.RedirectFromLoginPage(Login1.UserName, false);        
}

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Rajar AhmedConsultantAuthor Commented:

how to logout  . wether to be used in web.config . are any button can be used ?
0
varungdCommented:
If u need to logout use button and write the codes in the event of that button.
0
Rajar AhmedConsultantAuthor Commented:
thanks for help...

formsauthentication.signout();

Worked


Thanks again...
0
Rajar AhmedConsultantAuthor Commented:
issue solved . logout working cool...

But if i press back button i can able to see the content page of the site ,..why dat so .....??
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
.NET Programming

From novice to tech pro — start learning today.