Forms Authentication Roles based

From: Hemlata Shah (hemlata_shah@yahoo.com)
Date: 09/25/02

• Next message: Dirt: "Simple problem with custom errors and forms authentication"
• Previous message: Gary: "RE: How to add custom HttpHeader on Web Service Client"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: hemlata_shah@yahoo.com (Hemlata Shah)
Date: 25 Sep 2002 04:45:07 -0700

Hi
   I am creating an application which has 3 roles(x,y,admin)with login
page for each.
currently my code is workin fine for role Y(it has ylogin.aspx as the
login url in web.config)
Now i want to change the login url depending upon the role ...

1)How can i do tht,can anyone help me !!!

code in web.config :
  <authentication mode="Forms">
       <forms name="y.ASPXAUTH" loginUrl="yLogin.aspx"
protection="All" timeout="20" path="/" />
        </authentication>
        <authorization>
                <allow roles="y"/>
                <deny users="*">
                </deny>
        </authorization>

code in cs file
FormsAuthentication.Initialize();

// Create a new ticket used for authentication
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1, // Ticket version
strLoginName, // Username associated with ticket
DateTime.Now, // Date/time issued
DateTime.Now.AddMinutes(30), // Date/time to expire
true, // "true" for a persistent user cookie
"y", // User-data, in this case the roles
FormsAuthentication.FormsCookiePath); // Path cookie valid for

// Hash the cookie for transport
string hash = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new
HttpCookie(FormsAuthentication.FormsCookieName, // Name of auth cookie
hash); // Hashed ticket

// Add the cookie to the list for outgoing response
Response.Cookies.Add(cookie);
// Redirect to requested URL, or homepage if no previous page
requested
string returnUrl = Request.QueryString["ReturnUrl"];
returnUrl = "/iPractice/yHomepage.aspx";

Problem II
2)if for role y ,cookie timeout is 20 mins and session timeout is 20
mins..
after 20 mins if i chek then it doesn't directs me to ylogin.aspx...

Regards
Hemlata Shah

• Next message: Dirt: "Simple problem with custom errors and forms authentication"
• Previous message: Gary: "RE: How to add custom HttpHeader on Web Service Client"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Cookies Expiring due to different time zones. ... post to your aspx login, sending the cookie's date in a hidden field ... set the aspx login cookie using the date/time in the hidden field ... This is the code I am using to create the ticket, ... Your problem is that you're using an extremely short time for the cookie expiration. ... (microsoft.public.dotnet.framework.aspnet) Re: using a shared session ... you will have to pass the ticket to site. ... they will be prompted for a login. ... | We have 3 different web applications on three different websites (and ... | and is saved in the cookie for that session. ... (microsoft.public.dotnet.framework.aspnet) Re: Cookies Expiring due to different time zones. ... cookie is setting time according to my server. ... just not able to login. ... perfectly fine on my PC and many other PCs which have correct time. ... This is the code I am using to create the ticket, ... (microsoft.public.dotnet.framework.aspnet) cookie value being garbled. ... Each request to the site refreshes the ticket (stored in a cookie). ... together then the next request after the login OK page receives ... (microsoft.public.dotnet.framework.aspnet) Forms Authentication ... Can anyone suggest an example of Forms Authentication? ... This the code I'm using to the cookie, but as far I can tell, this should ... FormsAuthenticationTicket ticket = new FormsAuthenticationTicket( ... string hash = FormsAuthentication.Encrypt; ... (microsoft.public.dotnet.framework.aspnet)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint