Controlling Authorization permissions in Asp.Net Application in C#
hi Friend
i am here with article on Form Authentication and Authorization in Web config file .When we use the forms based Authentication in Asp.Net Application. Only the authenticated users can access pages in the application. Unauthenticated users are redirected to the specified login page provided by the loginURL tag. If the user login from that page then the user is redirected to page they wanted to go.
We use the location tag to define the rules in the Web.Config.
<configuration>
<system.web>
<authentication mode="Forms" >
<forms loginUrl="login.aspx" name=".aspFormAuth"
protection="None" path="/" timeout="30" >
</forms>
</authentication>
<!—We first deny any unauthorized user in the site. -->
<authorization>
<deny users="?" />
</authorization>
</system.web>
<!—Now we allow all the user to Home.aspx page here any unauthenticated User can
access this page -->
<location path="Home.aspx">
<system.web>
<authorization>
<allow users ="*" />
</authorization>
</system.web>
</location>
<!—we can also give unauthenticated users permission on a given directory. -->
<location path="FolderName">
<system.web>
<authorization>
<allow users ="*" />
</authorization>
</system.web>
</location>
</configuration>
-------------------------------------Code Behind-----------------------------------
here is the code behing that you can use Code behind on any event to set authentication
if (FormsAuthentication.Authenticate(txtUserName.Value, txtPassword.Value))
{
FormsAuthentication.RedirectFromLoginPage(txtUserName.Value, false);
}
else
{
lblMessage.Text ="Unauthenticate User";
FormsAuthentication.SignOut();
}
Hope this artical help you in your application
Regards
Rajesh
0 comments: