Professional Documents
Culture Documents
Gio trnh
11.2 To cc i tng dng chung 11.3 To tng truy cp d liu 11.4 To tng x l nghip v 11.5 La chn tch hp cho ng dng 11.6 To tng trnh by Chng 12: Xy dng ng dng 12.1 Pht trin danh mc sn phm 12.2 Xy dng Gi hng 12.3 Tch hp thanh ton trc tuyn 12.4 Ci t X l kim tra 12.5 Xy dng cc iu khin qun tr. 12.6 Xy dng ti khon khch hng Chng 13: trin khai v bo tr ng dng
Ni Dung
<div> y l trang web c bo mt </div> </form> </body> </html> Khi chy, trang s hin th dng ch y l trang web c bo mt bo mt cho trang web ny bn cn thit lp hai cu hnh trn ng dng ca bn, cn cu hnh c authentication v authorization. u tin bn cn thit lp authentication v mode=Forms trong file web.config trong th mc gc. Listing 1.2 web.config <system.web> <authentication mode="Forms" /> </system.web> Bi mc nh tt c mi ngi c th truy cp vo website, nu bn ngn cn ngi s dng truy cp vo th mc no bn cu hnh authortization cho th mc , trong Listing 1.3 sau s ngn cn ngi s dng truy cp vo th mc Baomat. Listing 1.3 Baomat/web.config <configuration> <system.web> <authorization> <deny users="?"/> </authorization> </system.web> </configuration> Khi bn thit lp hai cu hnh trn th khi website ca bn yu cu ti trang Secret.aspx th ng website s t ng chuyn v trang login.aspx Listing 1.4 Login.aspx <%@ Page Language="C#" AutoEventWireup="true" CodeFile="Login.aspx.cs" Inherits="Login" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title>Trang dang nhap</title> </head> <body> <form id="form1" runat="server"> <div> <asp:Login ID="loginVidu" CreateUserUrl="~/Register.aspx" CreateUserText="ng k" runat="server">
</asp:Login> </div> </form> </body> </html> Giao din trang Login.aspx (Hnh 1) Trong Listing 1.4 bn iu khin Login c hai thuc tnh CreateUserText, CreateUserUrl N s a ra mt link vi Text l ng k v mt a ch URL dn ti trang ng k trong trng hp ny l trang Register.aspx. Tp tin nh km:
.login { width:250px; font:14px Verdana,Sans-Serif; background-color:lightblue; border:solid 3px black; padding:4px; } .login_title { background-color:darkblue; color:white; font-weight:bold; } .login_instructions { font-size:12px; text-align:left; padding:10px; } .login_button { border:solid 1px black; padding:3px; } </style> </head> <body> <form id="form1" runat="server"> <div> <asp:Login ID="Login1" InstructionText="Bn cn nhp tn ng nhp v mt khu ng nhp" TitleText="ng nhp" TextLayout="TextOnTop" LoginButtonText="ng nhp" CssClass="login" TitleTextStyle-CssClass="login_title" InstructionTextStyle-CssClass="login_instructions" LoginButtonStyle-CssClass="login_button" runat="server"> </asp:Login> </div> </form> </body> </html> Kt xut ca chng trnh trn
Hnh 2 1.2.1 T ng chuyn trang ti mt trang ch nh Nu bn yu cu 1 trang m bn cha c kim chng, ASP.NET s t ng chuyn bn ti trang Login.aspx. Sau khi bn ng nhp thnh cng, n s chuyn bn ngc li ti trang yu cu. Khi bn b chuyn sang trang Login.aspx, mt chui truy vn tham s t tn l ReturnUrl c t ng thm vo trang yu cu, Chui truy vn ny s cha ng ng dn ca trang yu cu, iu khin Login s s dng tham s ReturnUrl ny chuyn trang tr li trang ngun. 1.2.2 T ng n iu khin Login khi kim chng ngi s dng Mt vi website hin th iu khin trn nh tt c cc trang, khi ngi s dng ng nhp thnh cng th iu khin ny t ng n i. lm iu ny tht n gin trn ASP.NET, bn ch cn thm vo mt iu khin Login trn MasterPage, v iu khin login ny c th hin th trn tt c cc trang c s dng MasterPage. Bn c th s dng thuc tnh Orientation hin th iu khin Login ny theo chiu ngang hoc chiu dc nh v d sau: Listing 1.6 Main.master M: <%@ Master Language="C#" AutoEventWireup="true" CodeFile="Main.master.cs" Inherits="Main" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title>iu khin Login</title> <style type="text/css"> body { background-color:#e5e5e5; } .content { margin:auto; width:650px; border:solid 1px black; background-color:white; padding:10px; } .login { font:10px Arial,Sans-Serif; margin-left:auto;
} .login input { } </style> </head> <body> <form id="form1" runat="server"> <div id="content"> <asp:Login id="loginVidu" Orientation="Horizontal" VisibleWhenLoggedIn="false" DisplayRememberMe="false" TitleText="" CssClass="login" Runat="server" /> <hr /> <asp:contentplaceholder id="ContentPlaceHolder1" runat="server"> </asp:contentplaceholder> </div> </form> </body> </html> Trang loginMaster.aspx <%@ Page Language="C#" MasterPageFile="~/Main.master" AutoEventWireup="true" CodeFile="loginMaster.aspx.cs" Inherits="loginMaster" Title="Untitled Page" %> <asp:Content ID="Content1" ContentPlaceHolderID="ContentPlaceHolder1" Runat="Server"> <h1>Cho mng bn n vi website ca chng ti</h1> </asp:Content> Kt xut ca chng trnh Hnh 3 1.2.3 S dng Templete iu khin Login bao gm thuc tnh LayoutTemplate cho php bn ty chnh cch th hin ca iu khin Login. Khi bn thm vo mt mu hin th, bn cn thm vo iu khin v Temple cc ID sau: UserName Password RememberMe FailureText
V bn cn thm vo mt thuc tnh CommandName vi gi tr Login Listing 1.7 LoginTemplete.aspx M: <%@ Page Language="C#" AutoEventWireup="true" CodeFile="LoginTemplate.aspx.cs" Inherits="LoginTemplate" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title>Trang ng nhp</title> </head> <body> <form id="form1" runat="server"> <div> <asp:Login ID="Login1" runat="server"> <LayoutTemplate> <asp:Label ID="lblusername" runat="server" Text="Tn ng nhp"></asp:Label><br /> <asp:TextBox ID="UserName" runat="server"></asp:TextBox><br /> <asp:Label ID="lblpass" runat="server" Text="Mt khu"></asp:Label><br /> <asp:TextBox ID="Password" runat="server"></asp:TextBox><br /><br /> <asp:Button ID="btnLogin" CommandName="Login" Text="ng nhp" runat="server" /> </LayoutTemplate> </asp:Login> </div> </form> </body> </html> Kt xut ca chng trnh Hnh 4 1.2.4 Thc hin ty chnh kim chng vi iu khin Login Mc nh, iu khin Login s dng ASP.NET MenberShip kim chng tn s dng v mt khu. Nu bn cn thay i ng xa mc nh bn c th iu khin s kin Authenticate ca iu khin Login nh v d di y. Listing 1.8 Web.config M: <configuration> <appSettings/> <connectionStrings/> <system.web>
<authentication mode="Forms"> <forms> <credentials passwordFormat="Clear"> <user name="Thietke" password="itechpro"/> <user name="Daotao" password="itechpro"/> </credentials> </forms> </authentication> </system.web> </configuration> Trang LoginCustom.aspx M: <%@ Page Language="C#" AutoEventWireup="true" CodeFile="LoginCustom.aspx.cs" Inherits="LoginCustom" %> <script runat="server"> protected void loginCustom_Authenticate(object sender, AuthenticateEventArgs e) { string userName = loginCustom.UserName; string Password = loginCustom.Password; e.Authenticated = FormsAuthentication.Authenticate(userName, Password); } </script> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title>Login Custom</title> </head> <body> <form id="form1" runat="server"> <div> <asp:Login ID="loginCustom" OnAuthenticate="loginCustom_Authenticate" runat="server"> </asp:Login> </div> </form> </body> </html>
CreateUserWizard s dng ASP.NET MenberShip to mt ngi s dng mi. iu khin CreatUserWizsrd h tr rt nhiu thuc tnh cho php bn ty chnh cch hin th v ng x nh v d sau: Listing 1.9 showCreateUserWizard.aspx M: <%@ Page Language="C#" AutoEventWireup="true" CodeFile="showCreateUserWizard.aspx.cs" Inherits="showCreateUserWizard" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title>Hin th Form ng k ngi s dng</title> <style type="text/css"> .createUser { width:350px; font:14px Verdana,Sans-Serif; background-color:lightblue; border:solid 3px black; padding:4px; } .createUser_title { background-color:darkblue; color:white; font-weight:bold; } .createUser_instructions { font-size:12px; text-align:left; padding:10px; } .createUser_button { border:solid 1px black; padding:3px; } </style> </head> <body> <form id="form1" runat="server"> <div> <asp:CreateUserWizard
id="CreateUserWizard1" ContinueDestinationPageUrl="~/Default.aspx" InstructionText="Please complete the following form to register at this Website." CompleteSuccessText="Your new account has been created. Thank you for registering." CssClass="createUser" TitleTextStyle-CssClass="createUser_title" InstructionTextStyle-CssClass="createUser_instructions" CreateUserButtonStyle-CssClass="createUser_button" ContinueButtonStyle-CssClass="createUser_button" Runat="server" /> </div> </form> </body> </html> Kt xut ca chng trnh Hnh 5 1.3.1 Gi Email thng bo ti ngi s dng Bn c th thit lp cho php iu khin CreateUserWizard gi th t ng n ngi s dng khi ng k thnh cng mt ti khon mi trn website ca mnh V d bn c th gi mt mail cha ng thng tin v ti khon v mt khu ca ngi s dng v ti khon email ca ngi ny. Listing 1.10 CreateUserWizardEmail.aspx M: <%@ Page Language="C#" AutoEventWireup="true" CodeFile="CreateUserWizardEmail.aspx.cs" Inherits="CreateUserWizardEmail" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title>Send Email</title> </head> <body> <form id="form1" runat="server"> <div> <asp:CreateUserWizard id="CreateUserWizard1" Runat="server"> <MailDefinition BodyFileName="Register.txt" Subject="Xc nhn ng k"
From="Admin@YourSite.com" /> </asp:CreateUserWizard> </div> </form> </body> </html> Lp MailDefinition h tr cc thuc tnh sau: BodyFileName: ch nh ng dn cha ni dung th CC: Cho php gi mt bn copy ti hm th khc EmbeddedObjects: Cho php gi km cc file khc nh l nh, doc From: a ch hm th gi. IsBodyHtml: Cho php gi nh dng Html Priority: Cho php bn ch nh u tin ca th, n c th c cc gi tr sau: High, Low, v Normal Subject: Ch nh tiu ca th. Lp MailDefinition s dng mail server c cu hnh bi thnh phn SMTP trong file Web.config nh v d sau: Listing 1.11 Web.config M: <configuration> <system.net> <mailSettings> <smtp deliveryMethod="PickupDirectoryFromIis"></smtp> </mailSettings> </system.net> </configuration> Vi v d trn l bn dng mail server t my cc b, bn cng c th thit lp mail server t mt my ch khc bng vic ch nh cc mail host, username v Passwword Listing 1.12 Web.config M: <configuration> <system.net> <mailSettings> <smtp> <network host="mail.yourdomain.com" userName="admin" password="secret"/> </smtp> </mailSettings> </system.net> </configuration> 1.3.2 Chuyn ngi s dng sang mt trang khc t ng Khi bn ng nhp thnh cng trn trang Login.aspx, trang t ng chuyn li trang ngi s dng va yu cu. Vi iu khin CreateUserWizard khng t ng lm vic
ny cho chng ta, n c th lm vic ging vi iu khin Login chng ta cn vit thm mt t code. iu khin login trong Listing 1.12 sau bao gm mt ng ngi s dng chuyn n trang ng k s dng c t tn l CreateUserWizardReturn.aspx. Trong s kin Page_Load(). Gi tr ca chui truy vn c thm vo trang ng k. Listing 1.13 LoginReturn.aspx M: <%@ Page Language="C#" AutoEventWireup="true" CodeFile="LoginReturn.aspx.cs" Inherits="LoginReturn" %> <script runat="server"> protected void Page_Load(object sender, EventArgs e) { if (!Page.IsPostBack) { string dest = Request.QueryString["ReturnUrl"]; Login1.CreateUserUrl = "~/CreateUserWizardReturn.aspx?ReturnUrl=" + Server.UrlEncode(dest); } } </script> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title>ng nhp</title> </head> <body> <form id="form1" runat="server"> <div> <asp:Login id="Login1" CreateUserText="Register" CreateUserUrl="~/CreateUserWizardReturn.aspx" Runat="server" /> </div> </form> </body> </html> Trc khi s dng Listing 1.13 bn cn thay i tn trang LoginReturn.aspx thnh trang Login.aspx. Nu ngi s dng yu cu n mt trang yu cu phi kim chng, ngi s dng s t ng chuyn ti trang Login.aspx. Tham s ReturnUrl s c gn vo
trang Login ny. Trong Listing 1.14 sau cha ng mt iu khin CreateUserWizard. Trang ny ch cha ng mt iu khin s kin Page_Load(). Gi tr ca tham s ReturnUrl c s dng a ngi s dng tr v trang m ngi s dng yu cu. Listing 1.14 CreateUserWizardReturn.aspx M: <%@ Page Language="C#" AutoEventWireup="true" CodeFile="CreateUserWizardReturn.aspx.cs" Inherits="CreateUserWizardReturn" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <script runat="server"> void Page_Load() { if (!Page.IsPostBack) { string dest = "~/Default.aspx"; if (!String.IsNullOrEmpty(Request.QueryString["ReturnURL"])) dest = Request.QueryString["ReturnURL"]; CreateUserWizard1.ContinueDestinationPageUrl = dest; } } </script> <html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title>Gi li trang CreateUserWizardReturn.aspx</title> </head> <body> <form id="form1" runat="server"> <div> <asp:CreateUserWizard ID="CreateUserWizard1" runat="server" /> </div> </form> </body> </html> 1.3.3 Sinh Password t ng Mt vi website khi bn ng k s dng, n ch yu cu bn nhp cc thng tin c nhn cn mt khu website s t sinh ra v gi v hm th ca bn. sau khi ng nhp ln u bn c th thay i mt khu ny. Nu bn cn s dng kch bn ny cho website ca bn khi ngi s dng ng k s dng, bn cn lm c 3 thuc tnh sau ca iu khin CreateUserWizard AutoGeneratePassword: Cho php t sinh ra mt password t ng DisableCreatedUser: Cho php v hiu ha to ti khon mi t iu khin CreateUserWizard. LoginCreatedUser: Cho php bn ngn cn ngi s dng mi s c ng nhp t
ng Bn c th gi hai kiu mail xc nhn. u tin bn c th sinh password t ng v gi Password vo hm th ca ngi s dng. Trong tng hp ny bn s cho php thuc tnh AutoGeneratePassword v v hiu ha thuc tnh LoginCreatedUser. Trng hp th 2, bn c th cho php mt ngi s dng nhp mt khu v gi m xc nhn n hm th xc nhn Trong trng hp ny bn s cho php thuc tnh DisableCreatedUser v v hiu ha thuc tnh LoginCreatedUser. Listing 1.15 cha ng mt iu khin CreateUserWizard m khng yu cu nhp mt khu. iu khin ny cho php thuc tnh AutoGeneratePassword v v hiu ha thuc tnh LoginCreatedUser Listing 1.15 CreateUserWizardPasswordConfirmation.aspx M: <%@ Page Language="C#" AutoEventWireup="true" CodeFile="CreateUserWizardPasswordConfirmation.aspx.cs" Inherits="CreateUserWizardPasswordConfirmation" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title>T ng sinh Password</title> </head> <body> <form id="form1" runat="server"> <div> <asp:CreateUserWizard id="CreateUserWizard1" CompleteSuccessText="A confirmation email containing your new password has been sent to your email address." AutoGeneratePassword="true" LoginCreatedUser="false" ContinueDestinationPageUrl="~/Login.aspx" Runat="server"> <MailDefinition From="Admin@YourSite.com" BodyFileName="PasswordConfirmation.htm" IsBodyHtml="true" Subject="Registration Confirmation" /> </asp:CreateUserWizard> </div> </form> </body> </html>
iu khin CreateUserWizard gi th cha ng nh trong Listing 1.16 Listing 1.16 PasswordConfirmation.htm M: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" > <head> <title>Ni dung xc nhn mt khu</title> </head> <body> Ni dung xc nhn mt khu Your new password is <% Password %>. </body> </html> Khi to ti khon thnh cng trong mail cha ng mt khu t sinh ra. Ngi s dng s dng mt khu ny ng nhp trn website. Trong kch bn th 2, ngi s dng c th s dng password m ngi chn. Tuy nhin ti khon ny s b v hiu ha cho n khi ngi ny nhp m xc nhn. iu khin CreateUserWizard trong Listing 1.17 cho php thuc tnh DisableCreateUser v v hiu ha thuc tnh LoginCreatedUser. Listing 1.17 CreateUserWizardCodeConfirmation.aspx M: <%@ Page Language="C#" AutoEventWireup="true" CodeFile="CreateUserWizardCodeConfirmation.aspx.cs" Inherits="CreateUserWizardCodeConfirmation" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <script runat="server"> protected void CreateUserWizard1_SendingMail(object sender, MailMessageEventArgs e) { MembershipUser user = Membership.GetUser(CreateUserWizard1.UserName); string code = user.ProviderUserKey.ToString(); e.Message.Body = e.Message.Body.Replace("<%ConfirmationCode%>", code); } </script> <html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title>To form ng k yu cu xc nhn m</title> </head> <body> <form id="form1" runat="server">
<div> <asp:CreateUserWizard id="CreateUserWizard1" CompleteSuccessText="A confirmation email containing your new password has been sent to your email address." DisableCreatedUser="true" ContinueDestinationPageUrl="~/ConfirmCode.aspx" OnSendingMail="CreateUserWizard1_SendingMail" Runat="server"> <MailDefinition From="Admin@YourSite.com" BodyFileName="CodeConfirmation.htm" IsBodyHtml="true" Subject="Registration Confirmation" /> </asp:CreateUserWizard> </div> </form> </body> </html> Trong Listing 1.17 gm mt iu khin s kin SendingMail. M s dng l mt kha duy nht gi ti ngi s dng bi MenberShip Provider. M xc nhn c trnh trong mail trc khi mail c gi. Mail ny c cha ng trong Listing 1.18 Listing 1.18 M: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" > <head> <title>Untitled Page</title> </head> <body> <div> <%UserName%>, M xc nhn ca bn l <%ConfirmationCode%> </div> </body> </html> Sau khi hon thnh Form a ra bi CreateUserWizard bn nhn vo nt Continue m trang ConfirmCode.aspx. Listing 1.19 ConfirmCode.aspx M: <%@ Page Language="C#" AutoEventWireup="true" CodeFile="ConfirmCode.aspx.cs" Inherits="ConfirmCode" %>
<script runat="server"> protected void btnConfirm_Click(object sender, EventArgs e) { MembershipUser user = Membership.GetUser(txtUserName.Text); if (user == null) { lblError.Text = "Tn s dng khng ng"; } else { string providerCode = user.ProviderUserKey.ToString(); string userCode = txtConfirmationCode.Text.Trim(); if (providerCode != userCode) { lblError.Text = "Sai m cc nhn"; } else { user.IsApproved = true; Membership.UpdateUser(user); Response.Redirect("~/Baomat/Secret.aspx"); } } } </script> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title>kim tra xc nhn</title> </head> <body> <form id="form1" runat="server"> <div> <p> Nhp m xc nhn m bn c gi t mail. </p> <asp:Label id="lblError" EnableViewState="false" ForeColor="Red" Runat="server" /> <br /><br /> <asp:Label id="lblUserName" Text="tn s dng:" AssociatedControlID="txtUserName" Runat="server" /> <br /> <asp:TextBox id="txtUserName" Runat="server" />
<br /><br /> <asp:Label id="lblConfirmationCode" Text="M xc nhn:" AssociatedControlID="txtConfirmationCode" Runat="server" /> <br /> <asp:TextBox id="txtConfirmationCode" Columns="50" Runat="server" /> <asp:Button id="btnConfirm" Text="Xc nhn" OnClick="btnConfirm_Click" Runat="server" /> </div> </form> </body> </html>
LogoutText:nh ngha ni dung cho Logout Link. LoginStatus h tr hai s kin sau: LoggingOut: Xy ra trc khi ngi s dng ng xut LoggedOut: Xy ra sau khi ngi s dng ng xut
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title>hin th thay i mt khu</title> <style type="text/css"> .changePassword { font:14px Verdana,Sans-Serif; background-color:lightblue; border:solid 3px black; padding:4px; } .changePassword_title { background-color:darkblue; color:white; font-weight:bold; } .changePassword_instructions { font-size:12px; text-align:left; padding:10px; } .changePassword_button { border:solid 1px black; padding:3px; } </style> </head> <body> <form id="form1" runat="server"> <div> <asp:LoginName ID="LoginName1" runat="server" /> <asp:ChangePassword id="ChangePassword1" InstructionText="Complete this form to create a new password." DisplayUserName="true" ContinueDestinationPageUrl="~/Default.aspx" CancelDestinationPageUrl="~/Default.aspx" CssClass="changePassword" TitleTextStyle-CssClass="changePassword_title" InstructionTextStyle-CssClass="changePassword_instructions"
ChangePasswordButtonStyle-CssClass="changePassword_button" CancelButtonStyle-CssClass="changePassword_button" ContinueButtonStyle-CssClass="changePassword_button" Runat="server" /> </div> </form> </body> </html> Kt xut ca chng trnh Hnh 6 1.6.1 Gi mt Email thay i Password Sau khi ngi s dng thay i mt khu thnh cng, bn c th s dng iu khin ChangePassword t ng gi mt email ti ngi s dng vi ni dung cha km mt khu mi ca ngi . Listing 1.23 ChangePasswordEmail.aspx M: <%@ Page Language="C#" AutoEventWireup="true" CodeFile="ChangePasswordEmail.aspx.cs" Inherits="ChangePasswordEmail" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title>Thay i mt khu</title> </head> <body> <form id="form1" runat="server"> <div> <asp:ChangePassword id="ChangePassword1" DisplayUserName="true" Runat="server"> <MailDefinition From="Admin@YourSite.com" BodyFileName="ChangePassword.txt" Subject="Your New Password" /> </asp:ChangePassword> </div> </form> </body> </html>
Trong ni dung file ChangePassword.txt c ni dung nh sau <%UserName%>, your new password is <%Password%>. 1.6.2 S dng Templetes vi iu khin ChangePassword Nu bn cn ty chnh cch xut hin ca iu khin ChangePassword bn c th s dng templetes nh dng iu khin. iu khin ChangePassword h tr c hai ChangePasswordTemplate v SuccessTemplate. V d sau s hng dn bn s dng c hai temples ny. Listing 1.24 ChangePasswordTemplate.aspx M: <%@ Page Language="C#" AutoEventWireup="true" CodeFile="ChangePasswordTemplate.aspx.cs" Inherits="ChangePasswordTemplate" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title>S dng templete vi ChangePassword</title> </head> <body> <form id="form1" runat="server"> <div> <asp:ChangePassword id="ChangePassword1" DisplayUserName="true" Runat="server"> <ChangePasswordTemplate> <h1>Thay i mt khu</h1> <asp:Label id="FailureText" EnableViewState="false" ForeColor="Red" Runat="server" /> <br /> <asp:Label id="lblUserName" Text="Tn s dng:" AssociatedControlID="UserName" Runat="server" /> <br /> <asp:TextBox id="UserName" Runat="server" /> <br /><br /> <asp:Label id="lblCurrentPassword" Text="Mt khu hin ti:" AssociatedControlID="CurrentPassword" Runat="server" /> <br /> <asp:TextBox id="CurrentPassword" TextMode="Password" Runat="server" /> <br /><br /> <asp:Label id="lblNewPassword" Text="Mt khu mi:" AssociatedControlID="NewPassword" Runat="server" /> <br />
<asp:TextBox id="NewPassword" TextMode="Password" Runat="server" /> <br /><br /> <asp:Button id="btnChangePassword" Text="Change Password" CommandName="ChangePassword" Runat="server" /> </ChangePasswordTemplate> <SuccessTemplate> Your password has been changed! </SuccessTemplate> </asp:ChangePassword> </div> </form> </body> </html> Kt xut ca chng trnh Hnh 7 Khi s dng Templetes bn vi iu khin ChangePassword bn cn thm vo cc ID km theo UserName CurrentPassword ConfirmPassword NewPassword FailureText Bn ch c th thm vo cc iu khin Button theo cc gi tr cho thuc tnh CommandName: ChangePassword Cancel Continue
<title>show Password Recovery</title> <style type="text/css"> .passwordRecovery { font:14px Verdana,Sans-Serif; background-color:lightblue; border:solid 3px black; padding:4px; } .passwordRecovery_title { background-color:darkblue; color:white; font-weight:bold; } .passwordRecovery_instructions { font-size:12px; text-align:left; padding:10px; } .passwordRecovery_button { border:solid 1px black; padding:3px; } </style> </head> <body> <form id="form1" runat="server"> <div> <asp:PasswordRecovery id="PasswordRecovery1" CssClass="passwordRecovery" TitleTextStyle-CssClass="passwordRecovery_title" InstructionTextStyle-CssClass="passwordRecovery_instructions" SubmitButtonStyle-CssClass="passwordRecovery_button" Runat="server"> <MailDefinition From="Admin@YourSite.com" Subject="Password Reminder" /> </asp:PasswordRecovery> </div> </form> </body> </html>
Khi chy chng trnh trn u tin bn s b yu cu nhp tn s dng, tip theo bn phi nhp cu tr li b mt m bn s dng trong lc ng k, cui cng mt khu s c gi n ti khon email ca ngi ng k. Bi mc nh iu khin PasswordRecovery s khi to mt khu v gi n ngi s dng. 1.7.1 Gi mt khu ban u Bi mc nh iu khin PasswordRecovery khng gi mt khu c ca ngi s dng, nu bn khng mun iu khin PasswordRecovery khi ta li password ca ngi s dng trc khi gi n bn phi thay i cu hnh MenberShip Provider, Ba thit lp cu hnh chnh passwordFormat, enablePasswordRetrieval, v enablePasswordReset. Bi mc nh thuc tnh passwordFormat c gi tr l Hashed. Khi mt khu c Hashed, iu khin PasswordRecovery khng th gi mt khu gc ban u ca ngi s dng, Nu bn mun ngi s dng nhn c password c ca mnh bn cn thit lp thuc tnh passwordFormat v cc gi tr Clear hoc Encrypted. Mc nh thuc tnh enablePasswordRetrieval c gi tr l false, nu bn mun ngi s dng nhn c mt khu c bn phi thit lp cho php thuc tnh ny trong file web.config. Cui cng, mc nh thuc tnh enablePasswordReset c gi tr l true, N khng ch n gi tr ca PasswordFormat hay enablePasswordRetrieval, bn c th lun lun khi to li mt khu ca ngi s dng Listing 1.26 sau cha ng nhng cu hnh cn thit cho php gi mt khu c n ngi s dng. Listing 1.26 Web.config M: <?xml version="1.0"?> <configuration> <appSettings/> <connectionStrings/> <system.web> <authentication mode="Windows" /> <membership defaultProvider="MyMenberShip"> <providers> <add name="MyMembership" type="System.Web.Security.SqlMembershipProvider" connectionStringName="LocalSqlServer" passwordFormat="Clear" enablePasswordRetrieval="true" /> </providers> </membership> </system.web> </configuration> 1.7.2 Yu cu cu hi bo mt v tr li Khi bn s dng CreateUserWizard to form ng k, bn b yu cu nhp cu hi bo
mt v cu tr li cho cu hi , iu khin PasswordRecovery hin th mt form cha ng cu hi bo mt, nu bn khng nhp vo ng cu tr li bo mt ca bn, mt khu ca bn s khng c gi. Nu bn khng mun ngi s dng phi nhp cu hi bo mt khi khi phc mt khu, bn c th chnh sa cu hnh ca menbership, listing 1.27 sau s gn gi tr l false cho thuc tnh requiresQuestionAndAnswer. Listing 1.27 M: <?xml version="1.0"?> <configuration> <system.web> <authentication mode="Forms" /> <membership defaultProvider="MyMembership"> <providers> <add name="MyMembership" type="System.Web.Security.SqlMembershipProvider" connectionStringName="LocalSqlServer" requiresQuestionAndAnswer="false" /> </providers> </membership> </system.web> </configuration>
php cc tn ti khon Micosoft Windows ca h. Vai tr ph hp vi nhm Micisoft Windows. Windows authentication y quyn chu trch nhim nh danh ngi s dng trn IIS. IIS c th s dng cu hnh Basic, Intergrated Windows, hoc Digest authentication. Kim chng .NET Passport ging vi kim chng website ca Microsofts nh l MSN hay Hotmail. Nu bn mun ngi s dng ng nhp trong ng dng ca bn bi cc ti khon Hotmail tn ti, bn c th cho php kim chng .Net PassPort. Cui cng l kiu kim chng Form Authentication. Khi Form Authentication c cho php, Cc ngi s dng c nh ngha bi mt cookie. Khi ngi s dng c kim chng. Mt cookie m ha c thm vo trnh duyt ca ngi s dng. Khi Form Authentication c cho php, ngi s dng v v thng tin vai tr c lu tr trong mt kho d liu ty bin. V d bn c th lu tr tn ngi s dng v mt khu trong mt file XML, database, hay mt file Text c bn.
<connectionStrings/> <system.web> <authentication mode="Forms" > <forms name="MyApp" /> </authentication> </system.web> </configuration>
A53DBB3C3E0AD2" validationKey="61A8E04A146AFFAB81B6AD19654F99EA7370807F18F5002725DA B98B8EFD19C711337E26948E26D1D174B159973EA0BE8CC9CAA6AAF513BF84E 44B2247792265" /> </system.web> </configuration> Nu bn cu hnh nh Listing 2.4 cho php hai ng dng khc nhau nh v trn cc domain khc nhau, hai ng dng khc nhau c th chia s th kim chng khc nhau. Khi bn lin kt hoc chuyn san trang t mt trang khc bn phi truyn th kim chng ny trong chui tham s truy vn Listing 2.5 QueryStringAuthenticate.aspx M: <%@ Page Language="C#" AutoEventWireup="true" CodeFile="QueryStringAuthenticate.aspx.cs" Inherits="QueryStringAuthenticate" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <script runat="server"> void Page_Load() { string cookieName = FormsAuthentication.FormsCookieName; string cookieValue = FormsAuthentication.GetAuthCookie(User.Identity.Name, false).Value; lnkOtherDomain.NavigateUrl += String.Format("?{0}={1}", cookieName, cookieValue); } </script> <html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title>Untitled Page</title> </head> <body> <form id="form1" runat="server"> <div> <asp:HyperLink id="lnkOtherDomain" Text="lin kt ti Domain khc" NavigateUrl="http://www.OtherDomain.com/Secret.aspx" Runat="server" /> </div> </form> </body> </html>
Giao tip lp trnh ng dng chnh cho tng tc vi kim chng Forms l lp FormsAuthentication Lp ny h tr cc thuc tinh sau: CookieDomain: Tr v domain kt hp vi cookie xc thc CookieMode: Tr v kiu xc thc cookieless. C th l cc gi tr: AutoDetect, UseCookies, UseDeviceProfile, and UseUri. CookiesSupported: Tr v ng khi trnh duyt h tr cookie v xc thc Forms c cu hnh s dng cookies. DefaultUrl: Tr v URL ca trang m ngi s dng c chuyn ti sau khi c kim chng. EnableCrossAppRedirects: Tr v true khi th kim chng c th g b t chui truy vn FormsCookieName: tr v tn ca cookie xc thc FormsCookiePath: Tr v ng dn kt hp vi cookie kim chng. LoginUrl: tr v URL ca trang m ngi s dng c chuyn ti khi s c kim chng. RequireSSL: Tr v ng khi cookie kim chng phi c truyn thng vi SSL. SlidingExpiration: Tr v True khi cookie kim chng s dng chnh sch trt qu hn. Cc thuc tnh ny tr v cc thit lp cu hnh trong file web.config Lp FormsAuthentication h tr cc phng thc sau: Authenticate: Cho php bn kim tra li UserName v Password da vo mt danh sch UserName v Password c lu tr trong file web.config. Decrypt: cho php bn gii m mt cookie xc thc GetAuthCookie: Cho php bn ly thng tin cookie xc thc. GetRedirectUrl: Cho php bn ly thng tin ng dn trang ban u gy ra chuyn ti trang Login.aspx. HashPasswordForStoringInConfigFile: Cho php bn lu tr mt mt khu m n c th c lu tr trong file web.config. RedirectFromLoginPage: Cho php bn chuyn ngi s dng quay tr li trang ban u c yu cu trc khi ngi s dng c chuyn ti trang Login.aspx. RedirectToLoginPage: cho php chuyn ngi s dng ti trang Login.aspx RenewTicketIfOld: Cho php bn cp nht thi gian ht hn ca cookie kim chng. SetAuthCookie: Cho php bn to v a ra mt cookie kim chng. SignOut: Cho php bn g b mt cookie kim chng v ng xut ngi s dng. Bn c th s dng cc phng thc v thuc tnh ca lp FormsAuthentication xy dng ngi ng k s dng v h thng kim chng ngoi vic s dng ASP.NET Menbership. V d Listing 2.6 cha ng mt danh sch tn s dng v mt khu Listing 2.6 web6.config M: <configuration> <system.web> <authentication mode="Forms"> <forms> <credentials passwordFormat="Clear"> <user name="Bill" password="secret" />
<user name="Jane" password="secret" /> <user name="Fred" password="secret" /> </credentials> </forms> </authentication> </system.web> </configuration> Listing 2.6 cha ng thnh phn forms m cha ng thnh phn credentials. credentials bao gm mt danh sch UserName v Password. Ch rng thnh phn credentials cha mt thuc tnh PasswordFormatm c thit lp vi gi tr Clear, Nu bn thch lu tr mt khu trong Text hn bn c th lu tr mt khu trong cc gi tr hash, Vi con ng th bt c ai trn webserver khng th nhn thy mt khu ca ngi khc. Trng hp 2 gi tr ca PasswordFormat c th l MD5 v SHA1. Listing 2.7 FormsLogin.aspx M: <%@ Page Language="C#" AutoEventWireup="true" CodeFile="FormsLogin.aspx.cs" Inherits="FormsLogin" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <script runat="server"> protected void btnLogin_Click(object sender, EventArgs e) { if (FormsAuthentication.Authenticate(txtUserName.Text,txtPassword.Text)) FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, chkRememberMe.Checked); else lblError.Text = "Invalid user name/password"; } </script> <html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title>ng nhp h thng</title> </head> <body> <form id="form1" runat="server"> <div> <asp:Label id="lblError" EnableViewState="false" ForeColor="Red" Runat="server" /> <br /><br /> <asp:Label id="lblUserName" Text="User Name:" AssociatedControlID="txtUserName" Runat="server" /> <br />
<asp:TextBox id="txtUserName" Runat="server" /> <br /><br /> <asp:Label id="lblPassword" Text="Password:" AssociatedControlID="txtPassword" Runat="server" /> <br /> <asp:TextBox id="txtPassword" TextMode="Password" Runat="server" /> <br /><br /> <asp:CheckBox id="chkRememberMe" Text="Remember Me" Runat="server" /> <br /><br /> <asp:Button id="btnLogin" Text="Login" OnClick="btnLogin_Click" Runat="server" /> </div> </form> </body> </html> Khi bn nhn vo nt Button Login, hm btnLogin_Click() c thc thi v phng thc FormsAuthentication.Authenticate() c s dng kim tra tn s dng v mt khu nhp trong Textbox c trong fike web.config khng. Nu ngi s dng xc thc thnh cng th phng thc FormsAuthentication.RedirectFromLoginPage() c gi. Phng thc RedirectFromLoginPage() lm hai vic: thm mt cookie xc thc vo trnh duyt ca ngi s dng v chuyn ngi s dng ti trang u tin b chuyn sang trang Login.aspx. Nu ngi s dng yu cu trc tip trang Login.aspx th n s chuyn v trang Default.aspx. Tham s th 2 truyn ti phng thc RedirectFromLoginPage() cho bit c bn c mun s dng mt session hay mt persistent cookie hay khng. Nu bn to mt persistent cookie th bn khng cn phi ng nhp trang web khi bn tr li trong mt thi gian sau .
IsAuthenticated: cho php bn xc nh ngi s dng c c kim chng hay khng. Name: cho php ly thng tin tn ca ngi s dng.
mc nh l rng. enableCrossAppRedirects: Cho php ngi s dng kim chng qua ng dng bng cch th xc thc trong mt chui truy vn.. Gi tr mc nh l fasle. loginUrl: Cho php bn ch nh ng dn ti trang Login. Gi tr mc nh l Login.aspx name: Cho php bn ch nh tn ca cookie kim chng. gi tr mc nh l .ASPXAUTH. path: Cho php bn ch nh ng dn kt hp vi cookie kim chng mc nh gi tr l /. Protection: cho php bn ch nh cookie kim chng c m ha nh th no. Gi tr c th l All, Encryption, None v Validation, gi tr mc nh l All. requiresSSL: Cho php bn yu cu mt SSL(Secure Sockets Layer) kt ni khi truyn cookie kim chng. mc nh gi tr l false. slidingExpiration: Cho php bn ngn cn cookie xc thc ht hn nh l ngi s dng tip tc to mt yu cu trong mt khong thi gian, c th c gi tr l False hoc True, mc nh l Fasle. timeout: Cho php bn ch nh mt lng thi gian ht hn ca cookie xc thc tnh bi pht. Gi tr mc nh l 30. V d sau s thay i tn ca cookie authentication. Listing 2.1 web1.config M: <?xml version="1.0"?> <configuration> <appSettings/> <connectionStrings/> <system.web> <authentication mode="Forms" > <forms name="MyApp" /> </authentication> </system.web> </configuration>
tOqV7cfcrgUJ2NKxNhH9dTA7fgzZ-cZwyr4ojyU6EnarC-bbf8g4sl6m4k5kk6Nmcsg1)) /SecretFiles/Secret2.aspx Bn cu hnh kim chng cookieless bi vic gn mt gi tr ca thnh phn form trong file web.config. thuc tnh cookieless chp nhn mt vi thuc tnh sau: UseCookies: lun lun s dng cookie xc thc. UseUri: Khng bao gi s dng cookie xc thc. AutoDetect: t ng pht hin s dng cookie xc thc. UseDeviceProfile: s dng profile nh r khi no s dng cookie xc thc. Mc nh l gi tr UseDeviceProfile. Bi mc nh ASP.NET Framework l mt cookie ch khi no mt kiu ring ca thit b h tr cookie. ASP.NET Framework duy tr mt c s d liu ty thuc kh nng thit b trong thit lp ca cc file cha ng theo ng dn sau: \WINDOWS\Microsoft.NET\Framework\v2.0.50727\CONFIG\Browsers Bi mc nh ASP.NET Framework khng bao gi s dng xc thc cookieless vi mt trnh duyt nh l IE. Nu bn mun ASP.NET Framework t ng pht hin trnh duyt c h tr cookie hay khng th bn thit lp thuc tnh cookieless c gi tr l AutoDetect. Listing 2.2 M: <configuration> <system.web> <authentication mode="Forms" > <forms cookieless="AutoDetect"></forms> </authentication> </system.web> </configuration>
</system.web> </configuration>
<script runat="server"> void Page_Load() { string cookieName = FormsAuthentication.FormsCookieName; string cookieValue = FormsAuthentication.GetAuthCookie(User.Identity.Name, false).Value; lnkOtherDomain.NavigateUrl += String.Format("?{0}={1}", cookieName, cookieValue); } </script> <html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title>Untitled Page</title> </head> <body> <form id="form1" runat="server"> <div> <asp:HyperLink id="lnkOtherDomain" Text="lin kt ti Domain khc" NavigateUrl="http://www.OtherDomain.com/Secret.aspx" Runat="server" /> </div> </form> </body> </html>
Authenticate: Cho php bn kim tra li UserName v Password da vo mt danh sch UserName v Password c lu tr trong file web.config. Decrypt: cho php bn gii m mt cookie xc thc GetAuthCookie: Cho php bn ly thng tin cookie xc thc. GetRedirectUrl: Cho php bn ly thng tin ng dn trang ban u gy ra chuyn ti trang Login.aspx. HashPasswordForStoringInConfigFile: Cho php bn lu tr mt mt khu m n c th c lu tr trong file web.config. RedirectFromLoginPage: Cho php bn chuyn ngi s dng quay tr li trang ban u c yu cu trc khi ngi s dng c chuyn ti trang Login.aspx. RedirectToLoginPage: cho php chuyn ngi s dng ti trang Login.aspx RenewTicketIfOld: Cho php bn cp nht thi gian ht hn ca cookie kim chng. SetAuthCookie: Cho php bn to v a ra mt cookie kim chng. SignOut: Cho php bn g b mt cookie kim chng v ng xut ngi s dng. Bn c th s dng cc phng thc v thuc tnh ca lp FormsAuthentication xy dng ngi ng k s dng v h thng kim chng ngoi vic s dng ASP.NET Menbership. V d Listing 2.6 cha ng mt danh sch tn s dng v mt khu Listing 2.6 web6.config M: <configuration> <system.web> <authentication mode="Forms"> <forms> <credentials passwordFormat="Clear"> <user name="Bill" password="secret" /> <user name="Jane" password="secret" /> <user name="Fred" password="secret" /> </credentials> </forms> </authentication> </system.web> </configuration> Listing 2.6 cha ng thnh phn forms m cha ng thnh phn credentials. credentials bao gm mt danh sch UserName v Password. Ch rng thnh phn credentials cha mt thuc tnh PasswordFormatm c thit lp vi gi tr Clear, Nu bn thch lu tr mt khu trong Text hn bn c th lu tr mt khu trong cc gi tr hash, Vi con ng th bt c ai trn webserver khng th nhn thy mt khu ca ngi khc. Trng hp 2 gi tr ca PasswordFormat c th l MD5 v SHA1. Listing 2.7 FormsLogin.aspx M: <%@ Page Language="C#" AutoEventWireup="true" CodeFile="FormsLogin.aspx.cs" Inherits="FormsLogin" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <script runat="server"> protected void btnLogin_Click(object sender, EventArgs e) { if (FormsAuthentication.Authenticate(txtUserName.Text,txtPassword.Text)) FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, chkRememberMe.Checked); else lblError.Text = "Invalid user name/password"; } </script> <html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title>ng nhp h thng</title> </head> <body> <form id="form1" runat="server"> <div> <asp:Label id="lblError" EnableViewState="false" ForeColor="Red" Runat="server" /> <br /><br /> <asp:Label id="lblUserName" Text="User Name:" AssociatedControlID="txtUserName" Runat="server" /> <br /> <asp:TextBox id="txtUserName" Runat="server" /> <br /><br /> <asp:Label id="lblPassword" Text="Password:" AssociatedControlID="txtPassword" Runat="server" /> <br /> <asp:TextBox id="txtPassword" TextMode="Password" Runat="server" /> <br /><br /> <asp:CheckBox id="chkRememberMe" Text="Remember Me" Runat="server" /> <br /><br /> <asp:Button id="btnLogin" Text="Login" OnClick="btnLogin_Click" Runat="server" /> </div> </form> </body> </html> Khi bn nhn vo nt Button Login, hm btnLogin_Click() c thc thi v phng thc FormsAuthentication.Authenticate() c s dng kim tra tn s dng v mt khu nhp trong Textbox c trong fike web.config khng. Nu ngi s dng xc thc thnh cng th phng thc FormsAuthentication.RedirectFromLoginPage() c gi.
Phng thc RedirectFromLoginPage() lm hai vic: thm mt cookie xc thc vo trnh duyt ca ngi s dng v chuyn ngi s dng ti trang u tin b chuyn sang trang Login.aspx. Nu ngi s dng yu cu trc tip trang Login.aspx th n s chuyn v trang Default.aspx. Tham s th 2 truyn ti phng thc RedirectFromLoginPage() cho bit c bn c mun s dng mt session hay mt persistent cookie hay khng. Nu bn to mt persistent cookie th bn khng cn phi ng nhp trang web khi bn tr li trong mt thi gian sau .