private void SetAuthCookie(string userId, bool createPersistentCookie)
{
　　var ticket = new FormsAuthenticationTicket(2, userId, DateTime.Now, DateTime.Now.AddDays(7), true, \"\", FormsAuthentication.FormsCookiePath);
　　string ticketEncrypted = FormsAuthentication.Encrypt(ticket);

　　HttpCookie cookie;
　　if (createPersistentCookie)//是否在设置的过期时间内一直有效
　　{
　　　　cookie = new HttpCookie(FormsAuthentication.FormsCookieName, ticketEncrypted)
　　　　{
　　　　　　HttpOnly = true,
　　　　　　Path = FormsAuthentication.FormsCookiePath,
　　　　　　Secure = FormsAuthentication.RequireSSL,
　　　　　　Expires = ticket.Expiration,
　　　　　　Domain = \"cnblogs.com\"//这里设置认证的域名，同域名下包括子域名如aa.cnblogs.com或bb.cnblogs.com都保持相同的登录状态
　　　　};
　　}
　　else
　　{
　　　　cookie = new HttpCookie(FormsAuthentication.FormsCookieName, ticketEncrypted)
　　　　{
　　　　　　HttpOnly = true,
　　　　　　Path = FormsAuthentication.FormsCookiePath,
　　　　　　Secure = FormsAuthentication.RequireSSL,
　　　　　　//Expires = ticket.Expiration,//无过期时间的，浏览器关闭后失效
　　　　　　Domain = \"cnblogs.com\"
　　　　};
　　}

　　HttpContext.Current.Response.Cookies.Remove(FormsAuthentication.FormsCookieName);
　　HttpContext.Current.Response.Cookies.Add(cookie);
}

public bool IsAuthenticated
{
　　get
　　{
　　　　bool isPass = System.Web.HttpContext.Current.User.Identity.IsAuthenticated;

　　　　if (!isPass)
　　　　　　SignOut();

　　　　return isPass;
　　}
}

public string GetCurrentUserId()
{
   return _httpContext.User.Identity.Name;
}

using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;

public partial class Login : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{

}
protected void Button1_Click(object sender, EventArgs e)
{ 

string connString = Convert.ToString(ConfigurationManager.ConnectionStrings[\"001ConnectionString\"]);
//001ConnectionString是我在webconfig里配置的数据库连接。
SqlConnection conn = new SqlConnection(connString); 
string strsql = \"select * from User_table where User_name=\'\" + UserName.Text + \"\' and Password=\'\" + Password.Text + \"\'\";
SqlCommand cmd = new SqlCommand(strsql, conn);
conn.Open();
SqlDataReader dr = cmd.ExecuteReader(CommandBehavior.CloseConnection);

if (dr.Read())
{ 
Response.Redirect(\"index.aspx\");
conn.Close();
}
else
{
FailureText.Text = \"登陆失败,请检查登陆信息!\";
conn.Close();
Response.Write(\"<script language=javascript>alert(\'登陆失败!.\');</script>\");
}
}

protected void Button2_Click(object sender, EventArgs e) //文本框重置按钮
{
UserName.Text = \"\";
Password.Text = \"\";

}
}

<%@ Page Language=\"C#\" AutoEventWireup=\"true\" CodeFile=\"Login.aspx.cs\" Inherits=\"Login\" %>

<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \" http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">

<html xmlns=\" http://www.w3.org/1999/xhtml\" >
<head runat=\"server\">
<title>无标题页</title>
</head>
<body>
<form id=\"form1\" runat=\"server\"> 
<asp:Panel ID=\"Panel1\" runat=\"server\" Height=\"101px\" Width=\"231px\" Wrap=\"False\">
<table>
<tr>
<td align=\"center\" colspan=\"2\">
用户登陆</td>
</tr>
<tr>
<td style=\"width: 89px\">
用户名:</td>
<td style=\"width: 100px\">
<asp:TextBox ID=\"UserName\" runat=\"server\" Wrap=\"False\"></asp:TextBox></td>
</tr>
<tr>
<td style=\"width: 89px\">
密码:</td>
<td style=\"width: 100px\">
<asp:TextBox ID=\"Password\" runat=\"server\" TextMode=\"Password\" Width=\"148px\" Wrap=\"False\" ></asp:TextBox></td>
</tr>
<tr>
<td align=\"center\" colspan=\"2\" style=\"text-align: center\">
<asp:Button ID=\"Button1\" runat=\"server\" Text=\"登陆\" Width=\"50px\" OnClick=\"Button1_Click\" />
<asp:Button ID=\"Button2\" runat=\"server\" Text=\"重置\" Width=\"50px\" OnClick=\"Button2_Click\" /></td>
</tr>
<tr>
<td align=\"center\" colspan=\"2\">
<asp:Label ID=\"FailureText\" runat=\"server\" Width=\"77px\"></asp:Label></td>
</tr>
</table>
</asp:Panel>

</form>
</body>
</html>