We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

ASP .NET 2.0 Add Role during Log In -  FormsAuthentication

Medium Priority
533 Views
Last Modified: 2013-11-25
Hi,

I have a simple login page that I have hard coded the credentials into the page.  I have to do this because the functionality will only be fore one-two people on the site, and we don't really maintain access to the sql databases on the server.

In my web config, I also list the persons (that onced logged in) are able to access the site functionality desired.  I would like to change this to a role base in the web.config for the specific files, so that I only have to change the one file on the test server.  I've tried adding the role manually in the file, but seem to be getting the general error.  Any thoughts?
<%@ Page Language='VB' MasterPageFile='usphssite.master' Title='Content Page for login.aspx' %>

<%@ Import Namespace='System.Web.Security' %>

<script runat='server'>


    'Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
	'If User.IsInRole("members") Then
	'	Msg.Text = "A part of members."
	'Else
'		Msg.Text = "Not a part of members."
'	End If

'    End Sub


    Sub Logon_Click(ByVal sender As Object, ByVal e As EventArgs)
        If ((UserEmail.Text = "Admin") And (UserPass.Text = "password1")) _
           Or ((UserEmail.Text = "test1@test.com") And (UserPass.Text = "password1")) Then

	    Roles.CreateRole("members")

	    Roles.AddUserToRole(UserEmail.Text, "members")

	If User.IsInRole("members") Then
		Msg.Text = "A part of members."
	Else
		Msg.Text = "Not a part of members."
	End If


'            FormsAuthentication.RedirectFromLoginPage(UserEmail.Text, Persist.Checked)
        Else
            Msg.Text = "Invalid Credentials. Please try again."
        End If
    End Sub
</script>

<asp:Content ID='Content1' ContentPlaceHolderID='Main' Runat='Server'>

    <p>
        Please enter your username and password.
   </p>

    <p><asp:Label ID='Msg' ForeColor='Red' runat='server' /></p>
   <p>
   <asp:Label ID='Label1' runat='server'>Email Address:</asp:Label>
   <asp:TextBox ID='UserEmail' runat='server' Width='183px'></asp:TextBox>
   <asp:RequiredFieldValidator ID='RequiredFieldValidator2' runat='server' ControlToValidate='UserEmail'
        ErrorMessage='Can not be empty.'></asp:RequiredFieldValidator>
    </p>
    <p>
   <asp:Label ID='Label2' runat='server' Width='78px'>Password:</asp:Label>
   <asp:TextBox ID='UserPass' runat='server' Width='183px' TextMode='Password'></asp:TextBox>
   <asp:RequiredFieldValidator ID='RequiredFieldValidator1' runat='server' ControlToValidate='UserPass'
        ErrorMessage='Can not be empty.'></asp:RequiredFieldValidator>
   </p>
   <p>
   <asp:Label ID='Label3' runat='server' Text='Remember me?' Width='98px'></asp:Label>
   <asp:CheckBox ID='Persist' runat='server' />
   </p>
   <p>
    <asp:Button ID='Submit1' runat='server' Text='Log On' OnClick='Logon_Click' width='99px'/>
    </p>
</asp:Content>

Open in new window

Comment
Watch Question

CERTIFIED EXPERT
Commented:
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview

Author

Commented:
Is this what you are suggesting I use in the VB:

          Roles.AddUserToRole(UserEmail.Text, "members")
          FormsAuthentication.RedirectFromLoginPage(UserEmail.Text, Persist.Checked)
    Sub Logon_Click(ByVal sender As Object, ByVal e As EventArgs)
        If ((UserEmail.Text = "Admin") And (UserPass.Text = "password1")) _
           Or ((UserEmail.Text = "test1@test.com") And (UserPass.Text = "password1")) Then

                FormsAuthenticationTicket Authticket = new
                            FormsAuthenticationTicket(1,
                            UserEmail.Text,
                            DateTime.Now,
                            DateTime.Now.AddMinutes(30),
                            Persist.Checked,
                            _user.Role,  
                            FormsAuthentication.FormsCookiePath);
 ' I should define "_user.Role," as "members"
               
                string hash = FormsAuthentication.

                              Encrypt(Authticket);

                HttpCookie Authcookie = new HttpCookie(

                 FormsAuthentication.FormsCookieName,hash);

                if (Authticket.IsPersistent)
                    Authcookie.Expires = Authticket.Expiration;
                Response.Cookies.Add(Authcookie);
                string returnUrl = Request.QueryString["ReturnUrl"];
                if (returnUrl == null)

                    returnUrl = "/";

                Response.Redirect(returnUrl);


'           FormsAuthentication.RedirectFromLoginPage(UserEmail.Text, Persist.Checked)
        Else
            Msg.Text = "Invalid Credentials. Please try again."
        End If
    End Sub
</script>


I'm not good with C#, so if you have a more specific suggestion to add.
CERTIFIED EXPERT
Commented:
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview

Author

Commented:
Was helpful for multiple other areas where I can find C# examples but not VB.
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a free trial preview!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.