back

Asp.Net - Forms Authentication

Principle of operation
The url case sensitivity issue
This issue is explained through the following example:
Conclusion:
Others cookie related issues
For more about cookies, visit this site cookie test page and cookie tutorial.
Using authentication without SQL Server database
For a very few users authentication or for tests, users credentials can be stored in web.config. This web.config section can be encrypted. The FormsAuthentication.Authenticate method is considered obsolete.
web.config authentication section:
<configuration>
This section brings luck to your site if you use a recent Visual Studio version and your religion does not force you to use jquery:
<appSettings>
<add key="ValidationSettings:UnobtrusiveValidationMode" value="None" />
</appSettings>
<system.web>
<authentication mode="Forms">
<forms cookieless="UseCookies" loginUrl="LoginPageName.aspx" path="/Folder1/Folder2">
<credentials passwordFormat="Clear">
One user credentials only is defined here:
<user name="sand" password="castle" />
</credentials>
</forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>
...
page code:
In this example, the corresponding aspx page uses a Login control named "LoginControlName"
protected void Page_Load(object sender, EventArgs e)
{
this.LoginControlName.Authenticate += LoginControlName_Authenticate;
}
void LoginControlName_Authenticate(object sender, AuthenticateEventArgs e)
{
if (FormsAuthentication.Authenticate(this.LoginControlName.UserName, this.LoginControlName.Password))
FormsAuthentication.RedirectFromLoginPage(this.LoginControlName.UserName, this.LoginControlName.RememberMeSet);
}