Senator Guerra Souty original series calendar,replica hublot blue steel peach pointer collocation of rolex replica Rome digital scale, track type minute replica watches scale shows that the classical model is swiss replica watches incomparable, wearing elegant dress highlights.
mr-ponna.com

 

YOU ARE HERE: HOME Questions How form based authentication works in ASP NET



ASP.NET Forms Authentication

View(s): 17229

How form based authentication works in ASP.NET

Answer 1)

Forms authentication uses an authentication ticket that is created when a user logs on to a site, and then it tracks the user throughout the site. The forms authentication ticket is usually contained inside a cookie. However, ASP.NET version 2.0 supports cookieless forms authentication, which results in the ticket being passed in a query string.

If the user requests a page that requires authenticated access and that user has not previously logged on to the site, then the user is redirected to a configured loginUrl under authentication section of web.config.

This processing is handled by the FormsAuthenticationModule class, which is an HTTP module that participates in the regular ASP.NET page-processing cycle and intercepts every request to the website. If it fails to find valid authentication ticket, it will redirect to the logon page.

The logon page prompts the user to supply credentials, typically a user name and password. These credentials are then passed to the server and validated against a user store, such as a SQL Server database or XML. After the user's credentials are authenticated, we have to issue Forms authentication ticket before we redirected the user to the originally requested page. If you redirect the user without issuing Forms authentication ticket, FormsAuthenticationModule will again takes the user to login page as it fails to find valid ticket.

We can issue Forms authentication ticket in multiple ways beside on requirement

  1. Using FormsAuthentication.RedirectFromLoginPage
    [CODE=cs]
    if (objUserBLL.Validate(txtUser.Text, txtPassword.Text))
    {
        FormsAuthentication.RedirectFromLoginPage(txtUser.Text, false);
    }
    
    [/CODE]
  2. Using FormsAuthentication.SetAuthCookie
    [CODE=cs]
    if (objUserBLL.Validate(txtUser.Text, txtPassword.Text))
    {
        string Role = objUserBLL.GetUserRole(txtUser.Text);
        if (Role.Equals("JobSeeker"))
        {
            FormsAuthentication.SetAuthCookie(txtUser.Text, false);
            Response.Redirect("~/JobSeeker/Dashboard.aspx");
        }
        else if (Role.Equals("Recruiter"))
        {
            FormsAuthentication.SetAuthCookie(txtUser.Text, false);
            Response.Redirect("~/Recruiter/Dashboard.aspx");
        }
    }
    
    [/CODE]

For more information about Forms Authentication, check MSDN Explained: Forms Authentication in ASP.NET 2.0

      Asked in:  TCS (Tata Consultancy Services)   Expertise Level:  Intermediate
      Last updated on Wednesday, 27 July 2011
    4/5 stars (7 vote(s))

    Register Login Ask Us Write to Us Help