ASP.Net - Forms Based Authentication With Textboxes - ASP.NET Tutorials

There are a number of different ways to do Forms Authentication in ASP.Net. In this tutorial, we will deal with Forms Authentication using two standard TextBoxes.

So first, we are going to create a new ASP.Net application project. You can give it whatever name you want to.

Once the project has been created, we will need to add a new WebForm to the project. This is done by right-clicking on the project --> Add --> New Item... --> WebForm

Attached Image

Next, we are going to simply add 3 Labels, 2 Textboxes, and a Button. Here is the markup...

<body>
    <form id="form1" runat="server">
    <div>
        <table>
            <tr>
                <td>
                    <asp:Label ID="label1" runat="server" Text="Username:" />
                </td>
                <td>
                    <asp:TextBox ID="txtUserName" runat="server" />
                </td>
            </tr>
            <tr>
                <td>
                    <asp:Label ID="label2" runat="server" Text="Password:" />
                </td>
                <td>
                    <asp:TextBox ID="txtPassword" runat="server" />
                </td>
            </tr>
            <tr>
                <td>
                    <asp:Button ID="btnLogin" runat="server" Text="Login" onclick="btnLogin_Click" />
                </td>
            </tr>
            <tr>
                <td>
                    <asp:Label ID="lblInformation" runat="server" />
                </td>
            </tr>
        </table>
    </div>
    </form>
</body>

Just a really simply form with a textbox for the Username and Password. The third label will be used to show an error if the login fails.

Next, we are going to have our login code...

public partial class Login : System.Web.UI.Page
{
    protected void btnLogin_Click(object sender, EventArgs e)
    {
        bool validLogin = false;

        validLogin = IsValidUser(txtUserName.Text.Trim(), txtPassword.Text.Trim());

        if (validLogin)
            // this will redirect the user back to the page they were originally trying to visit.
            //   if the user came directly to the Login page, it will redirect to the "defaultURL" from
            //   the web.config
            FormsAuthentication.RedirectFromLoginPage(txtUserName.Text.Trim(), false);
        else
            // not a valid login
            lblInformation.Text = "Incorrect Login Information";
    }

    private bool IsValidUser(string userName, string password)
    {
        // this is a very simple example where I am looking for this exact
        //   user name and password.  This could be any type of validation.
        if (userName == "admin" && password == "password")
            return true;
        else
            return false;
    }
}

The FormsAuthentication.RedirectFromLoginPage method will redirect users to the page they were trying to visit before they were redirected to the Login page. If they came directly to the login page, this code will redirect them to the defaultUrl from the web.config.

We now need to make some changes to the web.config file.

<system.web>
  <!-- some other attributes -->


  <authentication mode="Forms">
    <forms 
      name=".LOGIN" 
      loginUrl="Login.aspx" 
      defaultUrl="Default.aspx" />
  </authentication>

  <authorization>
    <deny users="?"/>
  </authorization>
</system.web>

Some explanation about some of the authentication attributes:

name - this can really be anything.
loginUrl - this is the page where the user will be redirect to when they are not authenticated.
defaultUrl - this is the page that the user will be redirected to after authentication IF they came directly to the login page.

There are other attributes, but these are the only necessary ones.

The <deny users="?"/> means to deny all non-authenticated users. So anybody who is not authenticated will be redirected to the login page.

Now, on our Default.aspx page, we are simply going to add a label that will display the user name that logged in.

<body>
    <form id="form1" runat="server">
    <div>
        <asp:Label ID="lblUserDisplay" runat="server" />
    </div>
    </form>
</body>

And the code for the Default.aspx page is just as simple...

public partial class _Default : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        lblUserDisplay.Text = "Hello " + User.Identity.Name;
    }
}

Now, if you set the Login.aspx page as the Startup page in Visual Studio(right-click on page --> Set As Startup Page) then start debugging, you will see the login screen come up. Put in "admin" for the user name, and "password" for the password, then hit the Login button, you will now be redirected to the defaultUrl(most likely the default.aspx page). You will also notice that you are greeted with a message.

Now, add a third WebForm to the project. This will be just a dummy form. Set it as the startup page, then run the project. You will now be redirected to the Login page, and after logging in, you will be redirected back to the dummy page.

This is only one way to do Forms Authentication in ASP.Net.

Enjoy.

ASP.Net - Forms Based Authentication With Textboxes Using standard Textboxes

#1 eclipsed4utoo

Replies To: ASP.Net - Forms Based Authentication With Textboxes

#2 negligible

#3 eclipsed4utoo

#4 trevster344

#5 Lost_symbol

General Discussion

Programming Help

Web Development

Follow & Share

Give It A Try!

ASP.NET Tutorials

Reference Sheets

ASP.NET Snippets

DIC Chatroom

Bye Bye Ads

Monthly Drawing