Recent Posts

Sunday, March 15, 2009

How to use Session in asp.net 2.0 web site design?

This article can also be defined as " How pass an object from one page to another using Session in asp.net 1.0 or asp.net 2.0 application?"
This asp.net tutorial shows how to use session for passing data from one page to other page using asp.net session.
This article is very helpful for validating the user name and password while asp net 2.0 login or asp.net 1.0 login using session. This process validates the user on every page of asp.net 2.0 or asp.net 1.0 website.
The data passed is only valid till the asp net session has not timed out. If the asp net session is timed out then the website redirects it to the asp net login page where the user has to enter the username and password again. The asp net session timeout information can be set as per required by the business.
Ok Lets go to the actual process on how to use asp net session in asp.Net web site development?


First open the asp.net web site or Learn how to develop an web site in .Net

Click on Ok or Submit button on Login.aspx page and include the following code:

Protected Sub cmdOk_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles cmdOk.Click
       Dim strUser As String = Me.txtUserName.Text.Trim()
       Dim strPass As String = Me.txtPassword.Text.Trim()
       If strUser = "" Or strPass = "" Then Exit Sub

       Dim usr As User
       Try

       
           usr = BUser.AuthenticateUser(strUser, strPass)

           If usr Is Nothing Then
               lblMsg.Text = "Login failed"
           ElseIf usr.SecurityLevel = 0 Then
               lblMsg.Text = "You are not allowed in this site"
           Else
               Session("SFUser") = usr
               'Response.Redirect("Default.aspx")
               Response.Redirect("~\Forms\AgentAccess.aspx")
           End If
       Catch ex As Exception
           lblMsg.Text = ex.ToString()
       End Try
   End Sub


In the above code you can see I have picked up username, password from the text box and declared a User Class and got the user information from BUser.AuthenticateUser function. BUser is my Business Layer and Authenticate user function returns me the user information.
If you didn't get the clue about Business Layer then you can Learn How to Develop three tier asp.net Application

Then I have said if the user is nothing then that means the user has failed the login or security level is 0 then the user is prohibited.
Now if the login is successfull then I have put the user in session named "User"

Now lets go to the default.aspx page where the user will be retrieved from the session and check if it is valid.
Declare user on the top if you want to use the user details on this page.
Protected usr As User

On Page_Load event of Default.aspx write the following code:

usr = Session("SFUser")
      If usr Is Nothing Then Response.Redirect("~/login.aspx")

      Me.lblUser.Text = "Logged in as " & usr.UserID


Here I retrieved the user from the session and checked if it is nothing or not if it is nothing that means the user's session has timed out or the user is not coming from the login page, the user is redirected to the login page.

If the user is valid then I have included user name a Label control.

Enjoy the code and do not forget to comment.


Related Posts by Categories




No comments:

Post a Comment