Home/ Questions/Q 6062303
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T09:02:06+00:00

I seem to cant set up an authentication system in asp.net I have code

  • 0

I seem to cant set up an authentication system in asp.net
I have code for a login system:

protected void btnlogin_Click(object sender, EventArgs e)
{
    PageUser myUser = new PageUser();
    if (myUser.AuthenticateUser(txtUsername.Text, txtPassword.Text))
    {
        // entry found

        HttpCookie myCookie;

        DateTime now = DateTime.Now;

        myCookie = new HttpCookie("UserName");
        myCookie.Value = myUser.UserName;
        myCookie.Expires = now.AddMinutes(30);
        Response.Cookies.Add(myCookie);

        myCookie = new HttpCookie("LoginID");
        myCookie.Value = myUser.UserLoginID.ToString();
        myCookie.Expires = now.AddMinutes(30);
        Response.Cookies.Add(myCookie);

        lblResult.Visible = false;

        FormsAuthentication.SetAuthCookie(myUser.UserName + " " + myUser.UserLoginID.ToString(), true);

        Response.Redirect("AdminView.aspx");
    }
    else
    {
        // entry not found
        lblResult.Text = "<b>Invalid logon attempt<b>";
        lblResult.ForeColor = System.Drawing.Color.FromName("Red");
        lblResult.Visible = true;
    }
}

The authentication method works fine, but when I do not login it still lets me redirect twords the AdminView even though the person didnt login.
Code I am having difficulty with:

protected void Page_Load(object sender, EventArgs e)
{
    if (!Page.IsPostBack)
    {

    }
    string userName = "";
    string[] splits;
    try
    {
        if (this.Page.User.Identity.IsAuthenticated)
        {
            splits = this.Page.User.Identity.Name.Split(new char[1] { ' ' });
            userName = splits[0] + " " + splits[1];

        }
        else
        {
            Response.Redirect("default.aspx");
        }
        txtLoggedInUser.Text += " - " + userName;
    }
    catch
    {
        Response.Redirect("default.aspx");
    }
}

I am not sure how to write this code so it would redirect a person back to the login page when they try to visit the admin page.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    To restrict an unauthenticated user to the AdminView.aspx page, you have to add below into the configuration section of the web.configfile.

    <location path="AdminView.aspx">
<system.web>
    <authorization>
        <deny users="?"/>               
    </authorization>
</system.web>

    <deny users="?"/> mean’s the unauthenticated user will not be able to access the file/folder AdminView.aspx

    • 0