Sign In| Join
Get Help:Ask a Question in our Forums|Report a Bug|More Help Resources
Last post Nov 22, 2012 05:56 PM by Bahare Feizi
Member
30 Points
39 Posts
Nov 21, 2012 08:38 PM|LINK
Hi all,
I've got this code in my global.asax file
protected void Application_AuthenticateRequest(object sender, EventArgs e) { HttpCookie authCookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName.ToString()]; if (authCookie != null) { FormsAuthenticationTicket MyTicket; MyTicket = FormsAuthentication.Decrypt(authCookie.Value); FormsIdentity MyIdentity = new FormsIdentity(MyTicket); GenericPrincipal MyPrincipal = new GenericPrincipal(MyIdentity, MyTicket.UserData.Split(new char[] { ',' })); Context.User = MyPrincipal; } }
and in my login button click event
protected void btn_login_Click(object sender, EventArgs e) { if (GetMemberAuthenticate(txt_uname.Text, FormsAuthentication.HashPasswordForStoringInConfigFile(txt_pass.Text, "MD5"))) { string role = GetMemberRoleByID(txt_uname.Text); DateTime expiration; if (chk_rememberme.Checked) { expiration = DateTime.Now.AddMonths(1); } else { expiration = DateTime.Now.AddMinutes(30); } FormsAuthenticationTicket AuthTicket = new FormsAuthenticationTicket(1, txt_uname.Text, DateTime.Now, expiration, false, role); string encryptedTicket = FormsAuthentication.Encrypt(AuthTicket); HttpCookie AuthCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket); Response.Cookies.Add(AuthCookie); string[] temp = role.Split(','); for (int i = 0; i < temp.Length; i++) { if (temp[i]=="Admin") { Response.Redirect("AdminPage.aspx"); } } Response.Redirect(FormsAuthentication.GetRedirectUrl(txt_uname.Text, chk_rememberme.Checked)); } else { lbl_login.Visible = true; } }
and the problem is when I login with username for example
username:a
I can login without signout with username: b , without closing the browser.
please help me!
Thanx.
Excuse me i undrestand English but i can't speack well.
Nov 22, 2012 07:41 AM|LINK
OMG I test bulit in login control and CUW and the problem was the same!
what's the solution?
Contributor
5399 Points
1098 Posts
Nov 22, 2012 07:50 AM|LINK
Hi,
Place your authenticated status checking at the login form and redirect user to the default landing page if authenticated.
Nov 22, 2012 11:00 AM|LINK
tanks alot dear CruzerB
I made login (two textbox, a button, ....) as a user control and i placed it into masterpage.
and my login page is Default.aspx
This is a part of my web.config
<authentication mode="Forms"> <forms loginUrl="Default.aspx" defaultUrl="~/"></forms> </authentication>
I think in this situation I think your Idea doesn't work?am I right?
Nov 22, 2012 05:56 PM|LINK
The problem solved.
I added code below in login button click event
if (Page.User.Identity.IsAuthenticated) { Response.Redirect("Default4.aspx"); }
and in Defautl4.aspx page I wrote a message (for example, Please Logout) and then put a button in page and wrote sign out codes in
click event of that
tanx alot
Bahare Feizi
Member
30 Points
39 Posts
why a user that the user still has not been logged out can login with other username?
Nov 21, 2012 08:38 PM|LINK
Hi all,
I've got this code in my global.asax file
protected void Application_AuthenticateRequest(object sender, EventArgs e) { HttpCookie authCookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName.ToString()]; if (authCookie != null) { FormsAuthenticationTicket MyTicket; MyTicket = FormsAuthentication.Decrypt(authCookie.Value); FormsIdentity MyIdentity = new FormsIdentity(MyTicket); GenericPrincipal MyPrincipal = new GenericPrincipal(MyIdentity, MyTicket.UserData.Split(new char[] { ',' })); Context.User = MyPrincipal; } }and in my login button click event
protected void btn_login_Click(object sender, EventArgs e) { if (GetMemberAuthenticate(txt_uname.Text, FormsAuthentication.HashPasswordForStoringInConfigFile(txt_pass.Text, "MD5"))) { string role = GetMemberRoleByID(txt_uname.Text); DateTime expiration; if (chk_rememberme.Checked) { expiration = DateTime.Now.AddMonths(1); } else { expiration = DateTime.Now.AddMinutes(30); } FormsAuthenticationTicket AuthTicket = new FormsAuthenticationTicket(1, txt_uname.Text, DateTime.Now, expiration, false, role); string encryptedTicket = FormsAuthentication.Encrypt(AuthTicket); HttpCookie AuthCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket); Response.Cookies.Add(AuthCookie); string[] temp = role.Split(','); for (int i = 0; i < temp.Length; i++) { if (temp[i]=="Admin") { Response.Redirect("AdminPage.aspx"); } } Response.Redirect(FormsAuthentication.GetRedirectUrl(txt_uname.Text, chk_rememberme.Checked)); } else { lbl_login.Visible = true; } }and the problem is when I login with username for example
username:a
I can login without signout with username: b , without closing the browser.
please help me!
Thanx.
Excuse me i undrestand English but i can't speack well.
Bahare Feizi
Member
30 Points
39 Posts
Re: why a user that the user still has not been logged out can login with other username?
Nov 22, 2012 07:41 AM|LINK
OMG I test bulit in login control and CUW and the problem was the same!
what's the solution?
CruzerB
Contributor
5399 Points
1098 Posts
Re: why a user that the user still has not been logged out can login with other username?
Nov 22, 2012 07:50 AM|LINK
Hi,
Place your authenticated status checking at the login form and redirect user to the default landing page if authenticated.
My Technical Blog
Bahare Feizi
Member
30 Points
39 Posts
Re: why a user that the user still has not been logged out can login with other username?
Nov 22, 2012 11:00 AM|LINK
tanks alot dear CruzerB
I made login (two textbox, a button, ....) as a user control and i placed it into masterpage.
and my login page is Default.aspx
This is a part of my web.config
I think in this situation I think your Idea doesn't work?am I right?
Bahare Feizi
Member
30 Points
39 Posts
Re: why a user that the user still has not been logged out can login with other username?
Nov 22, 2012 05:56 PM|LINK
The problem solved.
I added code below in login button click event
if (Page.User.Identity.IsAuthenticated) { Response.Redirect("Default4.aspx"); }and in Defautl4.aspx page I wrote a message (for example, Please Logout) and then put a button in page and wrote sign out codes in
click event of that
tanx alot