This article can also be defined as " How pass an object from one page to another using Session in asp.net 1.0 or asp.net 2.0 application?"
This asp.net tutorial shows how to use session for passing data from one page to other page using asp.net session.
This article is very helpful for validating the user name and password while asp net 2.0 login or asp.net 1.0 login using session. This process validates the user on every page of asp.net 2.0 or asp.net 1.0 website.
The data passed is only valid till the asp net session has not timed out. If the asp net session is timed out then the website redirects it to the asp net login page where the user has to enter the username and password again. The asp net session timeout information can be set as per required by the business.
Ok Lets go to the actual process on how to use asp net session in asp.Net web site development?
First open the asp.net web site or Learn how to develop an web site in .Net
Click on Ok or Submit button on Login.aspx page and include the following code:
Protected Sub cmdOk_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles cmdOk.Click
Dim strUser As String = Me.txtUserName.Text.Trim()
Dim strPass As String = Me.txtPassword.Text.Trim()
If strUser = "" Or strPass = "" Then Exit Sub
Dim usr As User
Try
usr = BUser.AuthenticateUser(strUser, strPass)
If usr Is Nothing Then
lblMsg.Text = "Login failed"
ElseIf usr.SecurityLevel = 0 Then
lblMsg.Text = "You are not allowed in this site"
Else
Session("SFUser") = usr
'Response.Redirect("Default.aspx")
Response.Redirect("~\Forms\AgentAccess.aspx")
End If
Catch ex As Exception
lblMsg.Text = ex.ToString()
End Try
End Sub
In the above code you can see I have picked up username, password from the text box and declared a User Class and got the user information from BUser.AuthenticateUser function. BUser is my Business Layer and Authenticate user function returns me the user information.
If you didn't get the clue about Business Layer then you can Learn How to Develop three tier asp.net Application
Then I have said if the user is nothing then that means the user has failed the login or security level is 0 then the user is prohibited.
Now if the login is successfull then I have put the user in session named "User"
Now lets go to the default.aspx page where the user will be retrieved from the session and check if it is valid.
Declare user on the top if you want to use the user details on this page.
Protected usr As User
On Page_Load event of Default.aspx write the following code:
usr = Session("SFUser")
If usr Is Nothing Then Response.Redirect("~/login.aspx")
Me.lblUser.Text = "Logged in as " & usr.UserID
Here I retrieved the user from the session and checked if it is nothing or not if it is nothing that means the user's session has timed out or the user is not coming from the login page, the user is redirected to the login page.
If the user is valid then I have included user name a Label control.
Enjoy the code and do not forget to comment.
No comments:
Post a Comment