Why can’t I login to the web even though the User and pass ?

Question

I am writing a small example of Login webSite, there are two types of accounts and passwords, one is an account and password is stored in the Web.config file and the other two accounts and passwords are saved in SQL Server database, My problem is that in form 1, when logging in it opens Logon_Redirect.aspx file but cannot access, the following is my code I am debugging and running to the code where this opens the Logon_Redirect.aspx file but nothing, but when I log in with another account and password (the user password of SQL Server) log in well. In file Web.config appSettings > ... add key = "SmtpServer" value = "localhost" /> add key = "EmailWebmaster" value = "admin" /> add key = "Password" value = "123" /> ... appSettings > In file Logon_Redirect.aspx html xmlns = "http://www.w3.org/1999/xhtml" > head runat = "server" > title > Untitled Page title > head > body > form id = "form1" runat = "server" > div > div > form > body > html > In file Logon_Redirect.aspx.cs public partial class Logon_Redirect : System.Web.UI.Page { protected void Page_Load( object sender, EventArgs e) { // kiem tra va Redirect toi trang can thiet if (Page.User.IsInRole(Globals.Settings.AppRoles.KhachHang)) Response.Redirect(Globals.ApplicationPath); else if (Page.User.IsInRole(Globals.Settings.AppRoles.Admin)) Response.Redirect(Globals.ApplicationPath + "WebMaster/Contacts/Contact.aspx" ); } } In file Logon.aspx.cs protected void btLogon_Click( object sender, EventArgs e) { //I can't Login User/Pass in file Web.config, check User: admin and Pass: 123 if (Membership.ValidateUser(txtEmail.Text, txtPassword.Text)) { if (Request.QueryString[ "ReturnUrl" ] != null ) { FormsAuthentication.RedirectFromLoginPage(txtEmail.Text, false ); } else { FormsAuthentication.SetAuthCookie(txtEmail.Text, false ); Session[ "username" ] = txtEmail.Text.Trim(); Response.Redirect(Globals.ApplicationPath + "Logon_Redirect.aspx" ); //I am debugging and running to the code here and opens the Logon_Redirect.aspx file but nothing } } else //Login SQL Server very good { // check User/pass other on SQL Server if (webapp4U.BOL.User.CheckUserName(txtEmail.Text) && txtPassword.Text == ConfigurationManager.AppSettings[ "Password" ].ToString()) { FormsAuthentication.SetAuthCookie(txtEmail.Text, false ); Session[ "username" ] = txtEmail.Text.Trim(); Response.Redirect(Globals.ApplicationPath + "Logon_Redirect.aspx" ); } else lblMsg.Text = ResourceManager.GetString( "Logon_False" ); } }

Dong Lam Trien · Answer

Assume me the following user/pass: I. in the Web.config file of the system administrator under Administrator user: web pass: 123 II. in SQL Server - Case of admin: user: admin pass: 123 - Case two of "Customers" user: peter pass: 123 My Question: 1. In the file Logon.aspx.cs I want to pass to Logon_Redirect.aspx.cs how do I declare ? Here, I want to add a message for the message Logon_Redirect.aspx.cs how to make the label I write ? [CODE] protected void btnLogin_Click(object sender, EventArgs e) { //Check User/Pass from SQL Server if (Membership.ValidateUser(txtUsername.Text, txtPassword.Text)) { if (Request.QueryString["ReturnUrl"] != null) { FormsAuthentication.RedirectFromLoginPage(txtUsername.Text, false); } else { ... Debug.Print("Login successfully to SQL Server ..."); //Here, I want to add a message for the message Logon_Redirect.aspx.cs how to make the label I write ? } } else //Check User/Pass from file Web.config { if (txtUsername.Text == ConfigurationManager.AppSettings["EmailWebmaster"].ToString() && txtPassword.Text == ConfigurationManager.AppSettings["Password"].ToString()) { ... Debug.Print("Login successfully to Web.config ..."); //Here, I want to add a message for the message Logon_Redirect.aspx.cs how to make the label I write ? } else lblMsg.Text = ResourceManager.GetString("Logon_False"); } } [/CODE] 2. I debug the Logon_Redirect.aspx.cs file in the following code I see: [CODE] 1. protected void Page_Load(object sender, EventArgs e) 2. { 3. if (Page.User.IsInRole(Globals.Settings.AppRoles.KhachHang)) 4. Response.Redirect(Globals.ApplicationPath); 5. else if (Page.User.IsInRole(Globals.Settings.AppRoles.Admin)) 6. Response.Redirect(Globals.ApplicationPath + "WebMaster/Contacts/Contact.aspx"); 7. } [/CODE] 2. I debug the Logon_Redirect.aspx.cs file in the following code I see: - If I log in user: web, run command 1 to 5 and remove statement 6 and run statement 7 - If I log in user: admin, run the command from 1 to 7 - If I log in user: peter then run command 1 to 4 to remove statement 5, statement 6 and continue running command 7 - Summary: I login user: web failed, the remaining two cases login successfully (admin and peter).

Laxmidhar Sahoo · Answer

hi check the path at run time Globals.ApplicationPath + "WebMaster/Contacts/Contact.aspx"

Dong Lam Trien · Answer

I have already declared it but it cannot be done using System.Configuration;

Dong Lam Trien · Answer

I debug the way you instructed in the button_click event code protected void btLogon_Click( object sender, EventArgs e) { if (Membership.ValidateUser(txtEmail.Text, txtPassword.Text)) { try { if (Request.QueryString[ "ReturnUrl" ] != null ) { FormsAuthentication.RedirectFromLoginPage(txtEmail.Text, false ); } else { FormsAuthentication.SetAuthCookie(txtEmail.Text, false ); Session[ "username" ] = txtEmail.Text.Trim(); Response.Redirect(Globals.ApplicationPath + "Logon_Redirect.aspx" ); //You see the message output in the attached image, I choose yes } } catch (Exception ex) { Debug.Print( "Error login sql: " + ex); } } else { try { // check UserName if (txtEmail.Text==ConfigurationManager.AppSettings[ "EmailWebmaster" ].ToString() && txtPassword.Text == ConfigurationManager.AppSettings[ "Password" ].ToString()) { FormsAuthentication.SetAuthCookie(txtEmail.Text, false ); Session[ "username" ] = txtEmail.Text.Trim(); Response.Redirect(Globals.ApplicationPath + "Logon_Redirect.aspx" ); //You see the message output in the attached image, I choose yes } else lblMsg.Text = ResourceManager.GetString( "Logon_False" ); } catch (Exception ex) { Debug.Print( "Error Web.config: " + ex); } } } I am debugging both the user/pass sql server and user/pass cases in the Web.config file when I came to the code "Response.Redirect (Globals.ApplicationPath +" Logon_Redirect.aspx ");" In both cases, a notification is sent to view the http://www.mediafire.com/view/wvlg2xymggvd6rj/ErrLoginFA.jpg/file attachment When running this line with the corresponding user/pass will give an error message Debug.Print (...) corresponding to both cases. If the login user/password sql server can access, the login user/password Web.config cannot access although the login user/password sql server reports the above error via Debug.Print (..) Error login sql: System.Threading.ThreadAbortException: Thread was being aborted. at System.Threading.Thread.AbortInternal() at System.Threading.Thread.Abort(Object stateInfo) at System.Web.HttpResponse.AbortCurrentThread() at System.Web.HttpResponse.End() at System.Web.HttpResponse.Redirect(String url, Boolean endResponse, Boolean permanent) at System.Web.HttpResponse.Redirect(String url) at webapp4U.UI.Controls.Controls_MenuLeft.btLogon_Click(Object sender, EventArgs e) in c:\WebSite2010\Controls\Logon.ascx.cs:line 68 Error Web.config: System.Threading.ThreadAbortException: Thread was being aborted. at System.Threading.Thread.AbortInternal() at System.Threading.Thread.Abort(Object stateInfo) at System.Web.HttpResponse.AbortCurrentThread() at System.Web.HttpResponse.End() at System.Web.HttpResponse.Redirect(String url, Boolean endResponse, Boolean permanent) at System.Web.HttpResponse.Redirect(String url) at webapp4U.UI.Controls.Controls_MenuLeft.btLogon_Click(Object sender, EventArgs e) in c:\WebSite2010\Controls\Logon.ascx.cs:line 85

Laxmidhar Sahoo · Answer

hey The button_click event code place in try ---catch block and try to convey the exception

Dong Lam Trien · Answer

hi Jignesh Kumar! I tried it but it didn't work, you see the attached image: http://www.mediafire.com/file/wydeh0jm629lchm/website2010_09.jpg Hi Laxmidhar Sahoo! I already have the library using System.Configuration; this already

Jignesh Kumar · Answer

Hi, Please add !IsPostBack property check in your Logon_Redirect class page_load event. if (!IsPostBack) { if (Page.User.IsInRole(Globals.Settings.AppRoles.KhachHang)) Response.Redirect(Globals.ApplicationPath); else if (Page.User.IsInRole(Globals.Settings.AppRoles.Admin)) Response.Redirect(Globals.ApplicationPath + "WebMaster/Contacts/Contact.aspx" ); }

Laxmidhar Sahoo · Answer

hey Do you add using System.Configuration;

Why can’t I login to the web even though the User and pass ?

Answers (8)