This is a simple a way to code the code-behind in ASP.NET using VB.NET as the code-behind. This example is very similar to the many, many different examples MSDN provides. I suggest if you are interested in learning more secure methods to check out the MSDN lib.
I never code without that lib open for reference.

This code is basicly using a button on the webForm, once the button is clicked it will call the function and perform the work, and store certain information into cookies for future use while the user is on your site.


SQL Table is as follows:

UserName varChar 50 PK (Primary Key)
Pasword varChar 50
Access varChar 50
PersonID int FK (foriegn key which points to another table with the persons personal info)

Private Sub cmdLogin_ServerClick(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles cmdLogin.ServerClick
If ValidateUser(txtUserName.Value, txtUserPass.Value) Then
FormsAuthentication.RedirectFromLoginPage(txtUserName.Value, _
chkPersistCookie.Checked)
Else
Response.Redirect("Login.aspx", True)
End If
Function ValidateUser(ByVal Username As String, ByVal Password As String) As Boolean
Dim cnn As SqlConnection
Dim cmd As SqlCommand
Dim dr As SqlDataReader
Dim retVal As Boolean = False
Dim access As String
Dim PersonID As Integer
cnn = New SqlConnection("WHATEVER YOUR CONNECTION STRING IS")
cmd = New SqlCommand("Select * from Users where Username = '" & Username & "'", cnn)
cnn.Open()
dr = cmd.ExecuteReader()
While (dr.Read())

If StrComp(dr.Item("Password"), Password, 1) = 0 Then
retVal = True
End If
If retVal = True Then
access = dr.Item("Access")
PersonID = dr.Item("PersonID")
Response.Cookies("userInfo")("userName") = Username
Response.Cookies("userInfo")("access") = access
Response.Cookies("userInfo")("PersonID") = PersonID
End If
End While


cnn.Close()
dr.Close()
ValidateUser = retVal

End Function

WebConfig: don't forget to change ur webConfig file
<authentication mode="Forms">
<forms name=".login" loginUrl="Login.aspx" protection="All"
timeout="60" path="/">
</forms>