try this
The below code should be in your Loging page.
Sub validateuser()
Try
sqlcon = New OleDbConnection(constr)
sqlcon.Open()
sqlcmd = New OleDbCommand("SELECT COUNT(*) FROM att_userrole WHERE username = '" + Login1.UserName + " AND password = '" + Login1.Password + "'", sqlcon)
retval = sqlcmd.ExecuteScalar
If retval = 1 Then
sqlcmd = New OleDbCommand("SELECT role, emailid FROM att_userrole WHERE username = '" + Login1.UserName + "'", sqlcon)
sqlrdr = sqlcmd.ExecuteReader()
sqlrdr.Read()
Session("username") = Login1.UserName
getrole = (sqlrdr.Item("role"))
Session("userrole") = getrole
getemail = (sqlrdr.Item("emailid"))
Session("reqemailid") = getemail
Response.Redirect("~\Home.aspx")
Else
lbl_msg.Text = ("Invalid login attmept")
End If
Catch ex As Exception
lbl_msg.Text = ex.Message.ToString
End Try
End Sub
After authentication and checking you save the details in Sessions. Then in other pages just check the session values like the below
If Session("username") = "" Then
loggedin = 0
Response.Redirect("~\login.aspx")
Else
Master.ChangeLabel("Welcome " & Session("username") & " | " & Session("userrole") & " | ")
End If
If Session("userrole") = "Admin" Then
Else
End If