Use Form Based Authentication in Asp.Net

In the Web.Config file
========================
Do not write "--" in your Web.confg file

<--authentication mode="Forms">
<--forms loginurl="admin/Login.aspx" timeout="30" name="MyName" defaulturl="admin/AddMovie.aspx">
<--/authentication >

After the end of <--/web.config> section, start a new

<--location path="admin">
<--system.web>
<--customerrors defaultredirect="errorpage.aspx" mode="On">
<--authorization>
<--deny users="?">
<--/deny>
<--/authorization>
<--/system.web>

In the Login page 'Login' button clicks event
==========================================
objLogin = new Login();

objLogin.UserID = txtUserID.Text;
objLogin.Password = txtPassword.Text;

// Check wheather Admin is Authenticate or not.
if (objLogin.IsAdminAuthenticate())
{
FormsAuthentication.RedirectFromLoginPage(txtPassword.Text, false);
Response.Redirect("AddMovie.aspx");
}
else
{
lblMessage.Text = "Check UserID and Password.";
txtUserID.Focus();
}