Using session for user authentication in asp.net c#
First of all you have to edit web.config and set session timeout attribute.
<configuration>
<system.web>
<sessionState timeout="200"></sessionState>
</system.web>
</configuration>
Another issue is the use of IsPostBack block.
protected void Page_Load(object sender, EventArgs e)
{
if (Session["login"] != null && Session["db"] != null)
{
String DB = "";
String AccountID = "";
AccountID = Session["login"].ToString();
DB = Session["db"].ToString();
Label9.Text = AccountID;
HiddenField1.Value = DB.ToString();
DropDown a = new DropDown();
a.filldropdown1(this.DropDownList1, DB);
}
else
{
Response.Redirect("log.aspx");
}
}
Ishan
Hello i am into ASP.net C#/ Sharepoint development and constantly learning in order to expertise in the field.
Updated on June 04, 2022Comments
-
Ishan almost 2 years
I am using session to authenticate a user. I have 2 web pages in my project. One is webform and other one is
EntryForm.aspx
and other one islog.aspx
In log.aspx i have done
protected void Button1_Click(object sender, EventArgs e) { user_login loginu = new user_login(); String uid_db = loginu.login(this.DropDownList1, this.TextBox1, this.TextBox2, this.Label5); if (uid_db == "invalid") { Label5.Visible = true; Label5.Text = "Invalid Login"; } else { string uname = uid_db.Substring(0, uid_db.IndexOf(",")).Trim(); string[] tokens = uid_db.Split(','); string dbname = tokens[tokens.Length - 1]; Session["login"] = uname; Session["db"] = dbname; Response.Redirect("EntryForm.aspx"); } }
In class
user_login
I am taking the password stored in the database and matching it with the value entered by user. if it finds a value i redirect it to EntryForm.aspx. In which i check for session variable as followsprotected void Page_Load(object sender, EventArgs e) {// CHEK SESSION VARIABLE AND LOAD dropdownlist1 WITH VALUES if (!IsPostBack) { String DB = ""; String AccountID = ""; if (Session["login"] != null && Session["db"] != null) { AccountID = Session["login"].ToString(); DB = Session["db"].ToString(); Label9.Text = AccountID; } else { Response.Redirect("log.aspx"); } HiddenField1.Value = DB.ToString(); DropDown a = new DropDown(); a.filldropdown1(this.DropDownList1, DB); } }
This is what i have done do authenticate a user. On server i have done the following configuration:
I have done no settings in
Global.asax
nor anything isweb.config
. I have seen many forum whereinGlobal.asax
andweb.config
is configured.I want to know what do i need to do in my project in order to be very efficient to work. I am facing problem with session timeout. I have set it to 20 mins on my server but sometimes suddenly i get logged out.
Please help me to understand using session for authentication.
-
Ishan over 12 yearsThank You so much, i want to know what wrong was i doing and whether the configuration on server regarding session is proper.
-
KV Prajapati over 12 years@Ishan - In your code-snippet, statements inside IsPostBack block will be executed on first page load. However you may check IsPostBack property inside the if body where session attributes are checked.