TECHNOLOGIES
FORUMS
JOBS
BOOKS
EVENTS
INTERVIEWS
Live
MORE
LEARN
Training
CAREER
MEMBERS
VIDEOS
NEWS
BLOGS
Sign Up
Login
No unread comment.
View All Comments
No unread message.
View All Messages
No unread notification.
View All Notifications
Answers
Post
An Article
A Blog
A News
A Video
An EBook
An Interview Question
Ask Question
Forums
Monthly Leaders
Forum guidelines
krishna angirekula
NA
68
28.8k
Role based authentication
Dec 27 2014 12:06 AM
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Web.Security;
using System.Data;
using System.Configuration;
namespace loginrolebased
{
public partial class Login : System.Web.UI.Page
{
string CS = ConfigurationManager.ConnectionStrings["EMS"].ConnectionString;
protected void Page_Load(object sender, EventArgs e)
{
}
protected void btnLogin_Click(object sender, EventArgs e)
{
FormsAuthentication.Initialize();
// Create our connection and command objects
SqlConnection conn =
new SqlConnection(CS);
SqlCommand cmd = conn.CreateCommand();
cmd.CommandText = "SELECT roles FROM user1 WHERE uname=@uname " +
"AND pwd=@pwd";
// Fill our parameters
string EncryptedPassword = FormsAuthentication.HashPasswordForStoringInConfigFile(txtPassword.Text, "SHA1");
// SqlParameter is in System.Data namespace
SqlParameter paramUsername = new SqlParameter("@Uname", txtUserName.Text);
SqlParameter paramPassword = new SqlParameter("@Pwd", EncryptedPassword);
cmd.Parameters.Add(paramUsername);
cmd.Parameters.Add(paramPassword);
//cmd.Parameters.Add("@uname", SqlDbType.NVarChar, 64).Value =txtUserName.Text;
//cmd.Parameters.Add("@pwd", SqlDbType.NVarChar, 128).Value =
// FormsAuthentication.HashPasswordForStoringInConfigFile(txtPassword.Text, "sha1"); // Or "sha1"
//// Execute the command
conn.Open();
SqlDataReader reader = cmd.ExecuteReader();
if (reader.Read())
{
// Create a new ticket used for authentication
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1, // Ticket version
paramUsername.ToString(), // Username associated with ticket
DateTime.Now, // Date/time issued
DateTime.Now.AddMinutes(30), // Date/time to expire
true, // "true" for a persistent user cookie
reader.GetString(0), // User-data, in this case the roles
FormsAuthentication.FormsCookiePath);// Path cookie valid for
// Encrypt the cookie using the machine key for secure transport
string hash = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(
FormsAuthentication.FormsCookieName, // Name of auth cookie
hash); // Hashed ticket
// Set the cookie's expiration time to the tickets expiration time
if (ticket.IsPersistent) cookie.Expires = ticket.Expiration;
// Add the cookie to the list for outgoing response
Response.Cookies.Add(cookie);
// Redirect to requested URL, or homepage if no previous page
// requested
string returnUrl = Request.QueryString["~/welcome.aspx"];
if (returnUrl == null) returnUrl = "/";
// Don't call FormsAuthentication.RedirectFromLoginPage since it
// could
// replace the authentication ticket (cookie) we just added
Response.Redirect(returnUrl);
}
else
{
// Never tell the user if just the username is password is incorrect.
// That just gives them a place to start, once they've found one or
// the other is correct!
lblmsg.Text = "Username / password incorrect. Please try again.";
lblmsg.Visible = true;
}
reader.Close();
conn.Close();
}
}
i am getting error in the red lines code
Plz check and solve it
Reply
Answers (
1
)
I m preparing for microsoft exam 70-515 ASP.net
How to generate .odt or doc file in ASP.Net