Forms Authentication in asp. net (Simplest)

Authentication is often used in creating websites. Several authentication methods are built into asp. net, such as Windows, Froms, Passport and so on. These authentication methods are different. 1 Generally speaking, the authentication method of a website will go through the following steps:

1. Enter your username and password and click OK.

2. Judge whether the user name and password are correct in the background, and return a prompt if it is wrong; If correct, go to an accessible page.

In the ASP era, an Session is usually created after verifying whether the user name and password match, and then whether Session exists is judged in each page to be verified. If it exists, the page content is displayed; If it does not exist, prompt and jump to the login page.

However, in the era of asp. net, this process is greatly reduced, and it is no longer necessary to verify Session in every page that needs to be verified. Only the following steps are needed to complete the authentication process.

Step 1: Modify the web. config file.

1. In < system.web > And < /system.web > Find in < authentication > Section, change it to " < authentication mode="Forms" / > "Where Forms stands for authentication using forms.

2. < system.web > And < /system.web > Add the < authorization > < deny users="?"/ > < /authorization > ", of which" < deny users="?"/ > "Rejects all anonymous users.

Step 2: Create the login. aspx file.

After Step 1, asp. net automatically jumps to the login. aspx page, regardless of which file in the Web site the user accesses, as long as it is not authenticated, and the ReturnUrl parameter is used in URL to pass the Web page the user is currently accessing.

Assuming the user accesses the test. aspx file directly without authentication, asp. net automatically jumps to the login. aspx page, which is "login. aspx? ReturnUrl=% 2ftest. aspx" in the address bar of the browser window, so you can jump the page back to the page specified by the ReturnUrl parameter after authentication.

Step 3: Authenticate in the login. aspx file.

The authentication method is relatively simple. 1 is generally to create a text box and a password box. After the user enters the user name and password, click the Submit button to verify the identity in the database, and the detailed process will not be written. Here, as long as the user name entered is 1 and the password is 2, the authentication is considered to be passed.

Once authentication is complete, use FormsAuthentication. SetAuthCookie () to create an authenticated ticket for the user and add it to Cookie. Later, when you visit other pages in the website, you don't need to use it for authentication. The code after clicking the Submit button is as follows.

protected void Button1_Click(object sender, EventArgs e) 
{ 
 // Authentication method, in this case, the user name is 1 The password is 2 
 if (TextBox1.Text == "1" && TextBox2.Text == "2") 
 { 
  /* 
   *  Create for the user name 1 Authenticate tickets and add them to the response's Cookie Medium  
   * SetAuthCookie The first part of 1 The parameter is the name of the authenticated user.  
   * SetAuthCookie The first part of 2 Parameters are true On behalf of creating a persistence Cookie Saved across browser sessions  Cookie ) for false You want to re-authenticate after closing the browser  
   */ 
  FormsAuthentication.SetAuthCookie(TextBox1.Text, false); 
 } 
 // If URL There is no delivery in ReturnUrl Parameter, jump to the Default.aspx Or jump to ReturnUrl The page specified by the parameter value  
 if (string.IsNullOrEmpty(Request.QueryString["ReturnUrl"])) 
 { 
  Response.Redirect("Default.aspx"); 
 } 
 else 
 { 
  Response.Redirect(Request.QueryString["ReturnUrl"].ToString()); 
 } 
}

The above is the simplest form authentication of asp. net, and then there are more articles about form authentication of asp. net to share with you, hoping to help you learn.