RE: Forms Authentication using SQL Server - problem

thebison,

Since I wrote this up a long time ago, I'm going to just point you to the
article.
That should do the trick. It's not enough just to determine if the username
and password match. Article explains:

http://www.eggheadcafe.com/articles/20020906.asp

Peter
--
Co-founder, Eggheadcafe.com developer portal:
http://www.eggheadcafe.com
UnBlog:
http://petesbloggerama.blogspot.com




"thebison" wrote:

Hi everyone,

Quick question, I'm creating a Time*** Application with ASP.NET C# in
Visual Studio 2003. The database has been built using MSDE. I have
followed the MSDN libraries guide to creating forms based
authentication from

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetht03.asp

This works fine, however all the code does is return a message to a
label on screen saying that the user has been authenticated. What I
need is for the application to forward the user on to the default.aspx
form, and allow them to access all subsequent forms from there. I
suspect I need to insert some code in the passwordVerifed part.

if (passwordVerified == true )
{
// The user is authenticated
// At this point, an authentication ticket is normally created
// This can subsequently be used to generate a GenericPrincipal
// object for .NET authorization purposes
// For details, see "How To: Use Forms authentication with
// GenericPrincipal objects
lblMessage.Text = "Logon successful: User is authenticated";


I think it may be something along the lines of
FormsAuthentication.redirect but as I'm a newbie I'm probably wrong!..

As well as this, once I have redirected the verified user to the
correct page, do I then need some additional code at the top of each
form to check the user is verified?

Any help will be much appreciated!
Thanks in advance..

Al


.