public ActionResult CekLogin(string userid, string Password) { if (ModelState.IsValid) { LoginService loginService = new LoginService(); UserProfile userProfile = loginService.CekLogin(userid, Password); if (userProfile != null && !string.IsNullOrEmpty(userProfile.GlobalID)) { WindowsIdentity identity = Request.LogonUserIdentity; userProfile.GlobalID = userid; userProfile.WindowsLogin = identity.Name; userProfile.IPAddress = GetIPAddress(); userProfile.WebBrowser = GetBrowser(); userProfile.ApplicationMode = APP.Framework.Enumeration.ApplicationMode.Testing; //userProfile.DebuggerID = "simulateUser"; userProfile.DeviceID = "deviceID"; applAppService = new ApplAppService(userProfile); MsUserAppService msUserAppService = new MsUserAppService(userProfile); List <MsUser> msUserLst = msUserAppService.GetMsUserList().Where(x => x.UserID.Equals(userProfile.GlobalID)).ToList(); string userRole = ""; foreach (var item in msUserLst) { if (userRole != "") { userRole += "+"; } userRole += item.UserRoleID + "|" + item.UserID + "|" + item.FullName; } //to be retrieved from DB if (userRole == "") { Error("you do not have permission to access this application"); return(RedirectToAction("Index")); } else { FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(2, userProfile.GlobalID, DateTime.Now, DateTime.Now.Add(FormsAuthentication.Timeout), false, userRole); string encryptedTicket = FormsAuthentication.Encrypt(authTicket); HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket); FormsAuthentication.SetAuthCookie(userProfile.GlobalID, false); authCookie.Expires = authTicket.Expiration; Response.Cookies.Add(authCookie); userActivity.Action = "Login"; userActivity.FormName = "Login.aspx"; userActivity.Description = "Login Success"; applAppService.LogUserActivity(userActivity); } Session["UserProfile"] = userProfile; } else { Error("Login Failed, Please Check User Name and Password"); return(RedirectToAction("Index")); } } else { Error("Login Failed, Please Check User Name and Password"); return(RedirectToAction("Index")); } Success("Login Success"); return(RedirectToAction("Index", "Home")); }