How to Implement a page with a "pre-login" link and authnentication form?

Question

User-273539960 posted

Hi,

I am not sure exactly this is called, but I am trying to create a small test application where, when you access it, it presents a page with a link on it, and then when you click on the link, a login form becomes visible (and the link disappears).  The login form, which allows the user to enter username and password, will then authenticate the user using IIS/ASP.net forms authentication.  

The other thing is that I want the URI to not change, both to get to initial page and when the login form appears.

Can this be done with ASP.net? 

I already have a simple form authentication test (basically an example from one of the MS pages) working.  What would I need to add to that to implement the above behavior?

My logon.aspx:

<%@ Page Language="VB" %>
<%@ Import Namespace="System.Web.Security" %>

<script runat="server">
  Sub Logon_Click(ByVal sender As Object, ByVal e As EventArgs)
    If ( (UserPass.Text = "XXXXXXXX")) Then
      FormsAuthentication.RedirectFromLoginPage _
           (UserEmail.Text, Persist.Checked)
    Else
      Msg.Text = "Invalid credentials. Please try again."
    End If
  End Sub
</script>

<html>
<head id="Head1" runat="server">
  <title>Forms Authentication - Login</title>
</head>
<body onload="document.getElementById('UserEmail').focus();">
  <form id="form1" runat="server" defaultfocus="UserEmail">
    <h3>
      Logon Page</h3>
    <table>
      <tr>
        <td>
          E-mail address:</td>
        <td>
          <asp:TextBox ID="UserEmail" runat="server" /></td>
        <td>
          <asp:RequiredFieldValidator ID="RequiredFieldValidator1" 
            ControlToValidate="UserEmail"
            Display="Dynamic" 
            ErrorMessage="Cannot be empty." 
            runat="server" />
        </td>
      </tr>
      <tr>
        <td>
          Password:</td>
        <td>
          <asp:TextBox ID="UserPass" TextMode="Password" 
            runat="server" />
        </td>
        <td>
          <asp:RequiredFieldValidator ID="RequiredFieldValidator2" 
            ControlToValidate="UserPass"
            ErrorMessage="Cannot be empty." 
            runat="server" />
        </td>
      </tr>
      <tr>
        <td>
          Remember me?</td>
        <td>
          <asp:CheckBox ID="Persist" runat="server" /></td>
      </tr>
    </table>
    <asp:Button ID="Submit1" OnClick="Logon_Click" Text="Log On"  
       runat="server" />
    <p>
      <asp:Label ID="Msg" ForeColor="red" runat="server" />
    </p>
  </form>
</body>
</html>

My Default.aspx:

<%@ Page Language="VB" %>
<html>
<head>
  <title>Forms Authentication - Default Page</title>
</head>

<script runat="server">
  Sub Page_Load(ByVal Src As Object, ByVal e As EventArgs)
    Welcome.Text = "Hello: [" & Context.User.Identity.Name & "] - You entered the right password!<BR>"
  End Sub

  Sub Signout_Click(ByVal sender As Object, ByVal e As EventArgs)
    FormsAuthentication.SignOut()
    Response.Redirect("Logon.aspx")
  End Sub
</script>

<body>
  <h3>
    Using Forms Authentication</h3>
<HR>
  <asp:Label ID="Welcome" runat="server" />

<P>
<a href="./target.aspx">Click here to Dump Headers</a>

<HR>
  <form id="Form1" runat="server">
    <asp:Button ID="Submit1" OnClick="Signout_Click" 
       Text="Sign Out" runat="server" /><p>
  </form>

</body>
</html>

My web.config:

<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
    <system.web>
	<authentication mode="Forms">
		<forms cookieless="UseCookies" domain=".mydomain.com" loginUrl="Logon.aspx" name=".ASPXFORMSAUTH" protection="None" timeout="3000"></forms>
	</authentication>

	<authorization>
		<deny users="?" />
	</authorization>

    </system.web>
</configuration>

Answer 1

User1724605321 posted

Hi jimcpl100,

The other thing is that I want the URI to not change, both to get to initial page and when the login form appears.

One way is use link button :

<asp:LinkButton ID="LinkButton1" runat="server" OnClick="LinkButton1_Click">Click here to Dump Headers</asp:LinkButton>

And in code behind to redirect user to logon.aspx using  Server.Transfer("logon.aspx") :

   Protected Sub LinkButton1_Click(sender As Object, e As EventArgs)
        Server.Transfer("logon.aspx")
      
    End Sub

Server.Transfer() does not change the address bar. You cannot hit back.

Another way is using iframe to load the logon.aspx :

<html>
<head>
  <title>Forms Authentication - Default Page</title>
</head>

<script runat="server">
    Sub Page_Load(ByVal Src As Object, ByVal e As EventArgs)
        Welcome.Text = "Hello: [" & Context.User.Identity.Name & "] - You entered the right password!<BR>"
    End Sub

    Sub Signout_Click(ByVal sender As Object, ByVal e As EventArgs)
        FormsAuthentication.SignOut()
        Response.Redirect("Logon.aspx")
    End Sub

        Protected Sub LinkButton1_Click(sender As Object, e As EventArgs)
            myFrame.Visible = True
            myFrame.Attributes("src") = "logon.aspx"
            LinkButton1.Visible = False


        End Sub
</script>

<body>
  <h3>
    Using Forms Authentication</h3>
<HR>
  <asp:Label ID="Welcome" runat="server" />
</HR>
    

  <form id="Form1" runat="server" >
      <iframe id="myFrame" runat="server"
         width="100%" height="600" visible="false">

    Your browser doesn't support iframes

</iframe>
<asp:LinkButton ID="LinkButton1" runat="server" OnClick="LinkButton1_Click">Click here to Dump Headers</asp:LinkButton>

    <asp:Button ID="Submit1" OnClick="Signout_Click" 
       Text="Sign Out" runat="server" /><p>
  </form>

</body>
</html>

Best Regards,

Nan Yu