Securing your site with web.config: ASP Alliance

Print Add To Favorites Email To Friend Rate This Article
Securing your site with web.config

page 4 of 5

by . .
Feedback

Average Rating: This article has not yet been rated.
Views (Total / Last 10 Days): 22208/ 36

Article Contents:

Username & Password Storage

U/P Storage

There is another way to get username and password data rather than from a database or what we did before. By using the <credentials> tag we can provide usernames and passwords for users.

<credentials passwordFormat="Clear">
<user name="philipq" password="password" />
</credentials>

This goes within the <authenticate> tags and you can just add more users and needed. The passwordFormat can be Clear, MD5 or SHA1 which is the format that the passwords are encrypted in.

You then have to modify your login.aspx code like this -

<script language="VB" runat="server" />
Sub btn_click(sender as object, e as eventargs)
If FormsAuthentication.Authenticate(uname.text, pword.text) Then
FormsAuthentication.SetAuthCookie(uname.text, true)
Response.Redirect("seethis.aspx")
Else
lblmsg.Text = "Invalid username or password"
End If
End Sub
</script>

The Authenticate method takes in the username and password and returns true or false.

« (Page 3)

View Entire Article

(Page 5) »

User Comments

Title: great
Name: jhon
Date: 2004-09-09 3:51:04 AM
Comment:
this is great!!!!!

Title: great
Name: great
Date: 2004-09-09 3:50:17 AM
Comment:
this is great!!!!!!11

Product Spotlight