How to do form authentication using sql server as database in ?


Since you are knowing that form authentication is more secure as compare to other authentication in You can read more on “Authentication and authorization” from this excellent artical.
Authentication and authorization

We can do form authentication using sql server as database in as given bellow steps

Step1: Take a “Login” Control from Toolbox and kept on “Login.aspx” page.

Step2: Create “Home.aspx” page which will display after proper authentication.

Step3: Now click on “Login1_Authenticate” event of “Login” control of Login.aspx page and write the code like this

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Data;
using System.Web.Security;

public partial class _Default : System.Web.UI.Page
    protected void Page_Load(object sender, EventArgs e)

    protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
        using (SqlConnection con = new SqlConnection(" Here will be your connection string"))
            using (SqlCommand cmd = new SqlCommand("Select UserName,Password from tblLogin where UserName=@UserName and Password=@Password", con))
                cmd.Parameters.AddWithValue("@UserName", Login1.UserName);
                cmd.Parameters.AddWithValue("@Password", Login1.Password);
                SqlDataAdapter da = new SqlDataAdapter(cmd);
                DataTable dt = new DataTable();
                if (dt.Rows.Count > 0)
                    //This code is generating the Cookies 
                    FormsAuthentication.RedirectFromLoginPage(Login1.UserName, Login1.RememberMeSet);


Step4: Now go to webconfig file and make the configuration like this

 <authentication mode="Forms">
      <forms defaultUrl="Home.aspx" loginUrl="~/Login.aspx"
      slidingExpiration="true" timeout="20">
      <deny users="?"/>

If authentication will be sucessful then it will display “Home.aspx”.


5 thoughts on “How to do form authentication using sql server as database in ?

  1. Clyde March 6, 2013 / 11:41 pm

    I want to express appreciation to you for rescuing
    me from such a situation. Because of searching
    through the internet and coming across things which were not helpful,
    I figured my life was done. Living without the strategies
    to the problems you have fixed through this short post is a serious case, as well as those that could have in a wrong way damaged my career if I hadn’t noticed your blog. Your understanding and kindness in touching every item was important. I am not sure what I would’ve done if I had not encountered such a solution like this.
    I am able to at this moment look ahead to my future.
    Thanks very much for this impressive and effective
    guide. I will not be reluctant to endorse your
    web site to anybody who ought to have direction about this problem.

    • Chandra Dev March 7, 2013 / 7:15 am

      You are welcome and thanks for sending your kind reply to motivate me to write good post like this.

  2. samyek10 June 27, 2014 / 8:05 am

    I have made a webpage with log-in module. After an user log out, if the any logged webpage’s url is entered manually the authenticated page till display. Can you show how to prevent this?

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.