I have some forms authentication going on.

Right now I am just checking the username and password from a database in my
login.aspx file in the usual way.

and I have the usual in web.config.

<forms name=".protect" loginUrl="login.aspx" protection="All" timeout="60"
/>

and of course my <authorization> section with the usual entries...

Everything works as it should as far as all that goes...

My question is can my login.aspx file use code.behind so I can hide all that
authentication logic?
I just dont want the end users of this application seeing any authentication
logic as it will just confuse them when they try to edit the login form, its
ok for them to edit the look of the admin form but I just need it to be as
easy as possible for them so they don't go killing the authentication script
sections in there.


The reason I am asking is because I just can not find any authentication
examples where anyone has used code.behind like that in the main forms
authentication login.aspx page.

I guess I am just looking to know if anyone has done this before.

I sorta thing it is doable and I know how to write code.behind but so far I
can't get it to work that way.

and I really thought I posted this under dotnet security..

didn't mean to post it here

sorry



"Kyle Peterson" <kyle342 (AT) hotmail (DOT) com> wrote

I managed to get it all working with code behind.
Sorry to have asked the question. I should have worked on it longer before
posting.



"Kyle Peterson" <kyle342 (AT) hotmail (DOT) com> wrote