cs file code validateadmin from database through validateadmin() method first
void validateuser(string id, string pass)
{
string ob = Request.QueryString["returnurl"];
if (validateadmin())
{
if (ob == null)
{
FormsAuthentication.Initialize();
string strrole = null;
strrole = "admin";
FormsAuthenticationTicket fat = new FormsAuthenticationTicket(1, userid.Text, DateTime.Now, DateTime.Now.AddMinutes(30), false, strrole, FormsAuthentication.FormsCookiePath);
Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(fat)));
Response.Redirect("~/Admin/adminMain.aspx");
}
else
{
FormsAuthentication.RedirectFromLoginPage(userid.Text, false);
}
}
else
{
lblmsg.Visible = true;
lblmsg.Text = "wrong user id or password";
}
}
then
in global.asax
protected void Application_AuthenticateRequest(object sender, EventArgs e)
{
if (this.Context.Request.IsAuthenticated)
{
string str = null;
if ((HttpContext.Current.User.Identity.Name.ToLower() == "admin"))
{
str = "admin";
}
else
{
str = "usr";
}
string[] roles = new string[2];
roles[0] = str;
Context.User = new System.Security.Principal.GenericPrincipal(this.Context.User.Identity, roles);
}
}
in webconfig
<appsettings>
<add key="ConnectionString" value="con" />
<add key="strrole" value="usr" />
</appsettings>
<system.web>
<customerrors mode="Off" />
<compilation debug="true" targetframework="4.0" />
<authentication mode="Forms">
<forms loginUrl="login.aspx" name="FlashUpload" path="/"></forms>
</authentication>
</system.web>