ASP.Net 4 Login Control in VB.NET
Login use to give access right to restricted pages means protected from unauthorized users. When you create a login page, you should name it Login.aspx because ASP.Net looks for a page with this name when it attempts to authenticate a user.
I want to present something different about login control and how it will move to another page. Few times you have seen, users have no permission to access some specific pages on that time users automatically redirect to Login.aspx. When Login.aspx page redirected a query string ReturnUrl is automatically added to page (see figure 4). ReturnUrl query string represents the full path that you originally requested. When you completed your login process you automatically redirect your original page.
First add two hyperlinks in default page named them Secret Page and Login page (see Default.aspx). Direct the Secret Page to Secret.aspx that is in Secret folder and Login Page to Login.aspx using Navigator (NavigateUrl property).
Default.aspx
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="_Default" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:HyperLink runat="server" ID="idhyper1" Text="Secret Page"
NavigateUrl="~/Secret/Secret.aspx" EnableTheming="False"Font-Underline="False"></asp:HyperLink>
<asp:HyperLink runat="server" ID="idhyper2" Text="Login Page"
NavigateUrl="~/Login.aspx" EnableTheming="False" Font-Underline="False"></asp:HyperLink>
</div>
</form>
</body>
</html>
Second add two new Web Forms in application. First Login.aspx must be added in the root of application and second Secret.aspx added in the Secret folder just like showing below figure.
Figure 1
Add one line in Secret.aspx page it will show whenever you direct to that page.
Secret.aspx
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Secret.aspx.cs" Inherits="Secret_Secret" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<h1>
This is secret Page
</h1>
</div>
</form>
</body>
</html>
Add Login control in Login.aspx page. Login control used to create a login form. If you are existing user than you can easily otherwise you should fill the registration from. To create a registration form you should add two properties:
- CreateUserText: Display text on the login form.
- CreateUserUrl: Direct user to CreateUserWizard.
We will explain the benefit of DestinationPageUrl property but in this scenario, once you filled your login form you will direct to CheckPage.aspx. If you not use DestinationPageUrl properyt, than Login control direct user to Default.aspx page.
Add Web.config in Secret folder to protect secret page (Secret.aspx) from unwanted/ unauthorized users (see figure 1).
Web.config
<?xml version="1.0"?>
<configuration>
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</configuration>
Login.aspx
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Login.aspx.cs" Inherits="Login" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:Login ID="idlogin" runat="server"
CreateUserText="Sign up"
CreateUserUrl="~/CreateUserWizard.aspx"
DestinationPageUrl="~/CheckPage.aspx"
Font-Underline="false"
HyperLinkStyle-Font-Underline="false">
</asp:Login>
</div>
</form>
</body>
</html>
We have used CreateUSerUrl property in login control that direct user to CreateUserWizard.aspx page.
CreateUserWizard.aspx page contain CreateUserWizard control that give a form to user. This form contain all the neccesary detail of the user. CreateUserWizard control use ContinueDestinationPageUrl property it will direct user to Login.aspx page in this scenario.
CreateUserWizard.aspx
<%@ Page Language="C#" AutoEventWireup="true" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:CreateUserWizard ID="idcreateuserwizard" runat="server"
ContinueDestinationPageUrl="~/Login.aspx"></asp:CreateUserWizard>
</div>
</form>
</body>
</html>
Add a Check Page in application to know how DestinationPageUrl property of Login control direct to Check Page. Add one line in Check Page to know that users directed to Check Page.
CheckPage.aspx
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="CheckPage.aspx.cs" Inherits="CheckPage" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<h1>
This is a Check Page
</h1>
</div>
</form>
</body>
</html>
Before debugging your application use the SetAsStartPage property on Default.aspx page (see the below figure).
Figure 2
Now debug the application, you will see the first Default.aspx page (see the below figure). There are two hyperlinks (Secret Page and Login Page). If you click on Secret Page you will not move to Secret.aspx because Secret.aspx can access only authorized users. This is happening because of Web.config file in Secret folder.
Figure 3
Login form appears in place of Secret.aspx. One thing you should know how user will redirect to secret page (Secret.aspx) after completing the login form. One more thing you know that a query string parameter named ReturnUrl is automatically added to the page request on address bar of internet explorer.
Figure 4
If you are authorized user you can log in by using your User Name and Password. When you click on Log In button you will redirect to Secret page that you actually called (see below figure).
Figure 5
You first process is completed to see Secret.aspx page, now we move to see Check page and see what happen to reach on destination.
Figure 6
Now click on Login Page hyperlink, it direct you to Login.aspx page there you see again login form.See the address bar of Login.aspx there is no ReturnUrl but when we called Secret Page there was ReturnUrl, This is happened because in Login.aspx we directly navigate from Login Page hyperlink.
Figure 7
Click on Log in Button to direct on Check Page (see the below figure) because we set DestinationPageUrl="~/CheckPage.aspx" property in login control.
Figure 8
If You not set this property you will automatically navigate to Default.aspx page.
Login.aspx
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Login.aspx.cs" Inherits="Login" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:Login ID="idlogin" runat="server" CreateUserText="Sign up" CreateUserUrl="~/CreateUserWizard.aspx"
Font-Underline="false" HyperLinkStyle-Font-Underline="false"></asp:Login>
</div>
</form>
</body>
</html>
In above code there is no DestinationPageUrl property whenever you click on Log In button. You automatically redirected to Default.aspx page.
Figure 9