Ich mache eine Authentifizierung über Form Auth.
Ich habe folgende Verzeichnisstruktur
Im Webroot liegen meine ASPX Dateien und folgende web.config
-----------------------------------------------------------------------------------
<authentication mode="Forms" >
<forms name=".ASPXAUTH" loginUrl="login.aspx" protection="All" timeout="30" path="/">
</forms>
</authentication>
<!-- AUTHORIZATION
This section sets the authorization policies of the application. You can allow or deny access
to application resources by user or role. Wildcards: "*" mean everyone, "?" means anonymous
(unauthenticated) users.
-->
<authorization>
<deny users="?" />
<allow users="*" /> <!-- Allow all users -->
<!-- <allow users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
<deny users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
-->
</authorization>
------------------------------------------------------------------------meine login.aspy.cs
using System;
using System.Configuration;
using System.Web.Security;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Data.OleDb;
using System.Drawing;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
namespace license
{
/// <summary>
/// Summary description for WebForm1.
/// </summary>
public class WebForm1 : System.Web.UI.Page
{
protected System.Web.UI.WebControls.Label Msg;
protected System.Web.UI.WebControls.Button LoginBtn;
protected System.Web.UI.WebControls.RequiredFieldValidator RequiredFieldValidator2;
protected System.Web.UI.WebControls.TextBox UserPass;
protected System.Web.UI.WebControls.RequiredFieldValidator RequiredFieldValidator1;
protected System.Web.UI.WebControls.TextBox UserName;
protected System.Web.UI.WebControls.CheckBox chkRememberMe;
protected System.Web.UI.HtmlControls.HtmlForm Form1;
private void Page_Load(object sender, System.EventArgs e)
{
// Put user code to initialize the page here
}
#region Web Form Designer generated code
override protected void OnInit(EventArgs e)
{
//
// CODEGEN: This call is required by the ASP.NET Web Form Designer.
//
InitializeComponent();
base.OnInit(e);
}
/// <summary>
/// Required method for Designer support - do not modify
/// the contents of this method with the code editor.
/// </summary>
private void InitializeComponent()
{
this.LoginBtn.Click += new System.EventHandler(this.LoginBtn_Click);
this.Load += new System.EventHandler(this.Page_Load);
}
#endregion
private void LoginBtn_Click(object sender, System.EventArgs e)
{
// authenticating the user and redirecting to the next page if the user is authenticated
}
private void btnLogin_ServerClick(object sender, System.EventArgs e)
{
//name of querystring parameter containing return URL
const String QS_RETURN_URL = "ReturnURL";
OleDbConnection dbConn = null;
OleDbCommand dCmd = null;
OleDbDataReader dr = null;
String strConnection = null;
String strSQL = null;
String nextPage = null;
try
{
//get the connection string from web.config and open a connection to the database
strConnection = ConfigurationSettings.AppSettings["dbConnectionString"];
dbConn = new OleDbConnection(strConnection);
dbConn.Open();
//check if user does exist in the database:
strSQL = "SELECT * FROM user WHERE Name=? AND Password=?";
dCmd = new OleDbCommand(strSQL, dbConn);
dCmd.Parameters.Add(new OleDbParameter("Name",UserName));
dCmd.Parameters.Add(new OleDbParameter("Password",UserPass));
dr = dCmd.ExecuteReader();
if(dr.Read())
{
//user credentials were found--> notify the system that the user is authentificated
FormsAuthentication.SetAuthCookie((String)(dr["UserName"]), chkRememberMe.Checked);
//get next page for the user
if(Request.QueryString[QS_RETURN_URL]!=null)
{
//user attempted to access a page without logging in so redirect them to the originally requested page
nextPage = Request.QueryString[QS_RETURN_URL];
}
else
{
//user came straight to the login page so just send them to the index page
nextPage = "index.aspx";
}
//redirect user to the next page
//This must be a Response.Redirect to write the cookie to the user's browser. Do not change to server.
//Transfer which does not cause around trip to the client browser and thus will not write the authentication cookie to the client browser.
Response.Redirect(nextPage, true);
}//dr.Read
else
{
//user credentials do not exist in the database - in a production application this should output an error message
//telling the user that the login ID or password was false
}
} //try
finally
{
//cleanup
if (dr!=null)
{
dr.Close();
}
if (dbConn != null)
{
dbConn.Close();
}
}//finally
}//btnLogin_ServerClick
}
}
-----------------------------------------------------------------
aber das anmelden funzt nicht, ich werde nicht weitergeleitet. Stimmt da was mit der Datenbankverbindung nicht?
Wo geb ich den Namen für die Datenbank an, oder reicht eh nur der Tabellenname?
Ich verwende Windows Server 2003 und Sql Server 2000.
Kann mir jemand helfen?
liebe Grüße,
Andrea
