A simple Login Application for a newbie
-
Hello,
I have been trying to create a simple login application. I wanted to follow instructions on quick start but since I could not run any sample application (see another post on this issue) I am posting this to get some help.
I am using VS2005 Visual Web Express under Vista Business and FireFox as browser.
My application is simply a login page (using all standard ASP.NET controls) is to direct a user to different pages depending on his/her username/password. If the user is admin and authenticated display a page with CreateUserWizard control so that admin add new users to the database. If the user is somebody else and authenticated then do not show this control on this page. This is all. This should be a pice of cake for ASP programmers. Here is the detailed explanation of the project:
Currently in the user database (users and their memberships were created by ASP.config utility in VS2005) there are two users:1. Username:admin, Password: password@123
2. UserName: user, Password: password@123
There are three aspx pages:
1. Default.apsx:
a) LoginStatus1 control
b) LoginName1 control
c) LoginView1 control
2. LogingTest.aspx:
a) Login1 control
3. Demo.aspx: DestinationPageUrl="~/Demo.aspx"
a) Two radiobutton controls
b) CreateUserWizard1 control
Required functionality:
1. If user is admin, load the page called demo and display everything on this page2. If the user is user (or any user) than load the page demo and do not show CreateUserWizard1 control on this page
3. If any user clicks on any of the buttons open a different page with different functions
The only routine I think I need is the LoggedIn with a code like this in the TestLogin.apsx:
Protected Sub Login1_LoggedIn(ByVal sender As Object, ByVal e As System.EventArgs) Handles Login1.LoggedIn
If (User.Identity.IsAuthenticated) Then
Server.Transfer("Demo.aspx")
End If
End Sub
And in the demo.aspx
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If (Session("Check") <> Nothing) And Convert.ToBoolean(Session("Check")) Then
Dim str As String = User.Identity.Name
If User.Identity.Name = "admin" And User.Identity.IsAuthenticated = True Then
CreateUserWizard1.Visible = True
Else
If optTMDemo.Checked = True Then
Server.Transfer("page1.aspx")
End If
If optPMDemo.Checked = True Then
Server.Transfer("page2.aspx")
End If
End If
End If
End Sub
In nowhere in the program I can get User.Identity.Name to have a value other than empty and the User.Identity.IsAuthenticated is always false! Where do these variables change? When I debug the code, the execution comes twice to LoginTest and always they are empty and false. If the user is admin, I get to default page back and LoginStatus reports that admin is logged in!
I can send the whole code to anyone interested. Any help will be greatly appreciated.
Thank you very much.
Athena
Default.aspx:
-------------------
<%@ Page Language="VB" AutoEventWireup="false" CodeFile="Default.aspx.vb" Inherits="_Default" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
</head>
<body>
<form id="form1" runat="server">
<div>
<span style="font-size: 10pt; font-family: Verdana">Support Options<br />
<br />
Support functions require you to login to a secure web site<br />
</span>
<span style="font-size: 10pt; font-family: Verdana"> </span>
<br />
<table style="width: 447px">
<tr>
<td style="width: 444px">
<asp:LoginStatus
ID="LoginStatus1" runat="server" Font-Names="Verdana" Font-Size="10pt" Width="34px" />
</td>
</tr>
<tr>
<td style="width: 444px; height: 20px">
<asp:LoginName ID="LoginName1" runat="server" Font-Names="Verdana" Font-Size="10pt"
FormatString="Hello {0}" Style="z-index: 100; left: 15px; position: absolute;
top: 110px" />
</td>
</tr>
<tr>
<td style="width: 444px; height: 77px">
<asp:LoginView ID="LoginView1" runat="server">
<LoggedInTemplate>
<span style="font-size: 10pt; font-family: Verdana">You are now logged in. Welcome.</span> <br />
<br />
</LoggedInTemplate>
<AnonymousTemplate>
<span style="font-size: 10pt; font-family: Verdana">You are not logged in. Click the
login link to sign in.</span>
</AnonymousTemplate>
</asp:LoginView>
</td>
</tr>
</table>
</div>
</form>
</body>
</html>------------------------------
Demo,aspx
-------------------------------
<%@ Page Language="VB" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If (Session("Check") <> Nothing) And Convert.ToBoolean(Session("Check")) Then
Dim str As String = User.Identity.Name
If User.Identity.Name = "admin" And User.Identity.IsAuthenticated = True Then
CreateUserWizard1.Visible = True
Else
If optTMDemo.Checked = True Then
Server.Transfer("page1.aspx")
End If
If optPMDemo.Checked = True Then
Server.Transfer("page2.aspx")
End If
End If
End If
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server" >
<div>
<div>
<asp:RadioButton ID="optTMDemo" runat="server" Font-Names="Verdana" Font-Size="10pt"
ForeColor="#336699" Style="z-index: 100; left: 7px; position: absolute; top: 69px"
Text="Tumor Management System Demo" />
<asp:RadioButton ID="optPMDemo" runat="server" Font-Names="Verdana" Font-Size="10pt"
ForeColor="#336699" Style="z-index: 101; left: 7px; position: absolute; top: 51px"
Text="Paw Management System Demo" />
<asp:Label ID="Label1" runat="server" Font-Names="Verdana" Font-Size="10pt" ForeColor="#336699"
Style="z-index: 102; left: 10px; position: absolute; top: 21px" Text="Product demos"></asp:Label>
<asp:CreateUserWizard ID="CreateUserWizard1" runat="server" BackColor="#F7F6F3" BorderColor="#E6E2D8"
BorderStyle="Solid" BorderWidth="1px" Font-Names="Verdana" Font-Size="0.8em"
Style="z-index: 104; left: 11px; position: absolute; top: 125px">
<SideBarStyle BackColor="#5D7B9D" BorderWidth="0px" Font-Size="0.9em" VerticalAlign="Top" />
<SideBarButtonStyle BorderWidth="0px" Font-Names="Verdana" ForeColor="White" />
<ContinueButtonStyle BackColor="#FFFBFF" BorderColor="#CCCCCC" BorderStyle="Solid"
BorderWidth="1px" Font-Names="Verdana" ForeColor="#284775" />
<NavigationButtonStyle BackColor="#FFFBFF" BorderColor="#CCCCCC" BorderStyle="Solid"
BorderWidth="1px" Font-Names="Verdana" ForeColor="#284775" />
<HeaderStyle BackColor="#5D7B9D" BorderStyle="Solid" Font-Bold="True" Font-Size="0.9em"
ForeColor="White" HorizontalAlign="Center" />
<CreateUserButtonStyle BackColor="#FFFBFF" BorderColor="#CCCCCC" BorderStyle="Solid"
BorderWidth="1px" Font-Names="Verdana" ForeColor="#284775" />
<TitleTextStyle BackColor="#5D7B9D" Font-Bold="True" ForeColor="White" />
<StepStyle BorderWidth="0px" />
<WizardSteps>
<asp:CreateUserWizardStep runat="server">
</asp:CreateUserWizardStep>
<asp:CompleteWizardStep runat="server">
</asp:CompleteWizardStep>
</WizardSteps>
</asp:CreateUserWizard>
</div>
</div>
</form>
</body>
</html>-----------------------------
web.config
-----------------------------
<?xml version="1.0"?>
<configuration>
<appSettings/>
<connectionStrings/>
<system.web>
<authentication mode="Forms">
loginUrl="~/LoginTest.aspx"
slidingExpiration="true"
cookieless="UseCookies"
protection="All"
timeout="30" path="/" />
</authentication><membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider"
connectionStringName="LocalSqlServer" enablePasswordRetrieval="false"
enablePasswordReset="true" requiresQuestionAndAnswer="false"
requiresUniqueEmail="true"
passwordFormat="Hashed" maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0"
passwordAttemptWindow="10" passwordStrengthRegularExpression=""/>
</providers>
</membership>
<roleManager enabled="true" />
<pages>
<namespaces>
<clear/>
<add namespace="System"/>
<add namespace="System.Collections"/>
<add namespace="System.Collections.Specialized"/>
<add namespace="System.Configuration"/>
<add namespace="System.Text"/>
<add namespace="System.Text.RegularExpressions"/>
<add namespace="System.Web"/>
<add namespace="System.Web.Caching"/>
<add namespace="System.Web.SessionState"/>
<add namespace="System.Web.Security"/>
<add namespace="System.Web.Profile"/>
<add namespace="System.Web.UI"/>
<add namespace="System.Web.UI.WebControls"/>
<add namespace="System.Web.UI.WebControls.WebParts"/>
<add namespace="System.Web.UI.HtmlControls"/>
</namespaces>
</pages>
<compilation debug="true"/></system.web>
<system.net>
<mailSettings>
<smtp from="hiittite@gmail,com">
<network host="localhost" password="" userName=""/>
</smtp>
</mailSettings>
</system.net>
</configuration>
-
You might like to take a look at:
http://www.15seconds.com/issue/020220.htm
You can also try this: http://www.sqlmag.com/Article/ArticleID/93053/sql_server_93053.html
Hope that helps,
Joe
-
Hello Joe,
Among ~20 the answers I've got from ASP.NET forum, this one is the closest to the solution I am after But there is a simple problem. The sample code works for two users in the web.config file only. I used asp.config utility and created two more users but it doesn't work for them. In my application the page I want to load a page after the user authentication displays a CreateUserWizard1 control to add more users. How can I add this functionality so that I can use it for more users? Again I am not a programmer so please be patient with me for my novice questions. Thank you again.
Athena
-
Hi Athena,
Where did you get the sample code from? - can you post a link to it?
I'm also a little at a loss as to locating the asp.config utility you speak of - was it part of the express version?
As far as I recall, when I played around with MS's inbuilt security application, you simply run the MS application and it sets up (builds) the security database with all the usual membership, roles and user login details. Your own application then uses this sql server security database to validate users. It was pretty impressive. In order to get users added to the database you used the associated security web site (that the original MS security application already built) to do the actual maintenance of users and roles.
Its been a while since I used forms authentication, since most of our work revolves around an integrated network security model. I haven't used the Wizard before, but there seems to be a decent article on it here: http://aspnet.4guysfromrolla.com/articles/061406-1.aspx
Joe
-
Hello Joe,
The sample is from http://www.15seconds.com/issue/020220.htm. (as you posted)
The asp.config is part of WS2005 Visual Web Express under WebSite>ASP.NET configuration. I am not sure whether you can run as standalone application. It opens a web page in IE to manage users (create, membersips etc). My idea is to use CreateUserControl wizard to populate the SQL database with users. This would be accessed when user is admin. It will be on the same page with a radiobuttonlist control where users can click to navigate other pages. The user create control will not be displayed users other than admin.
When you look at the the example above could you please help me to be able to use the CreateUserControl wizard to add users to database?
Thank you,
Athena
-
Hi Athena,
Some more reading for you:
http://articles.techrepublic.com.com/5100-22-1052978.html
http://articles.techrepublic.com.com/5100-22_11-1052976.html
http://aspnet.4guysfromrolla.com/articles/120705-1.aspx
Have myself been playing round with these articles today: The Sql Server membership tables that I was looking for are created by running "aspnet_regsql.exe" and I eventually figured out the "ASP.Net Configuration" web front end. Quite amazing how much you forget and where these items are located, if you don't use them for awhile. Had looked at this a loooonnnnng time ago.
Anyways, your problem seems to reside mainly around the web config file. If you take time out to read through the aspnet article (above) you'll get a better understanding of whats actually going on.
But quickly stated: the membership details are created in an access database under a 'hidden' folder called App_Data. The fact that you may have created the tables in a sql server one will not count for much unless the application tells it where to look, the default is for the site to create an access db.
So, your web.config file currently has:
<configuration>
<appSettings/>
<connectionStrings/>
<system.web>
<authentication mode="Forms">
loginUrl="~/LoginTest.aspx"
slidingExpiration="true"
cookieless="UseCookies"
protection="All"
timeout="30" path="/" />
</authentication>
<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider"
connectionStringName="LocalSqlServer" enablePasswordRetrieval="false"
enablePasswordReset="true" requiresQuestionAndAnswer="false"
requiresUniqueEmail="true"
passwordFormat="Hashed" maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0"
passwordAttemptWindow="10" passwordStrengthRegularExpression=""/>
</providers>
</membership>
.. BUT... the "LocalSqlServer" needs to be specified. So your <connectionStrings /> should have:
<connectionStrings>
<add name="LocalSqlServer"
connectionString="Integrated Security=SSPI;Persist Security Info=False;Initial Catalog=TestBed;Data Source=SqlExpress"
/>
</connectionStrings>
obviously you'll need to specify the correct connection string parameters - the ones above are an edited version of mine.
The only other thing that I did was grant access for the local ASPNET user to be able to access the database on my machine, since I'm using integrated security.
Once done, no problem - I ran the code and used the create wizard to create a new user in the database, which because I checked the name like you have done, does not then show the wizard when logging in.
If you still get a little undone, send me your code and I'll try to "highlight" any anomolies that I might pick up.Use my username at kingsley dot co dot za.
Joe
Post a reply
ASP.NET forum discussion
-
How to get Hotmail Contacts
by salihagenter (5 replies)
-
How to send fax using VB.net
by Jeffry Clyde (35 replies)
-
Difference between class and interface
by aladanh.go (47 replies)
-
How to Add Text in Footer of Gridview?
by arthurmarsh (5 replies)
-
Using FedEx Web Service to Calculcate Shipping Cost
by ravialen3782 (8 replies)
ASP.NET tutorials
- The Evolution of a Azure Web Application
- Protecting your ASP.NET Web API using OAuth2 and the Windows Azure Access Control Service
- Using HTML5 History in an ASP.NET MVC Site
- An Introduction to testing with the Model-View-Presenter pattern for Web Forms Development
- Improving Web Site Performance and Scalability while saving money
Quick links
Recent activity
- arif ahmad replied to How to receive data in web ...
- William Thompson replied to What is the name of the Win...
- Sameera Piyadigamage replied to Point of Sale Developers: H...
- Scott Carline replied to 4 x C# Developers for large...
- Rajendra Dhakal replied to Restore SQL Server text dat...
- cloud rainda replied to How to convert between TS f...
Enter your message below
Sign in or Join us (it's free).