To implement a form authentication, you need add the following code in web.config:
enableCrossAppRedirects means authenticated users in this application can be redirected to other applications as authenticated too.
<deny users="?" /> means that unauthenticated users (represented by "?") are denied access to resources in this application.
In default page:
protected void Page_Load(object sender, EventArgs e) { HttpContext.Current.Response.Cache.SetCacheability(HttpCacheability.NoCache); CookiesManager.RemoveAll(); FormsAuthentication.SignOut(); Response.Redirect("Logon.aspx"); }HttpContext.Current.Response.Cache.SetCacheability(HttpCacheability.NoCache);set no browser cache.
FormsAuthentication.SignOut(); will remove authentication information from cookie for current user.
CookiesManager.RemoveAll(); will remove browser cookies for this application
In Login.aspx.cs
protected void Page_LogIn(object sender, LoginCancelEventArgs e) { //Authentication code }