Solved

ASP Net -  How does Login Control Authenticate users behind the scenes?

Posted on 2007-11-15
2
1,092 Views
Last Modified: 2013-11-07
Hi,

Here's my problem.  I've been asked to develop a cut down mobile version of our companies site.  The existing company site uses in built asp.net 2.0 Membership provider.  The login for the existing site is completely out of the box.  ie.  The authenticating of the user credentials is handled behind the scenes by the Login control.

The problem is that I have to mirror this functionality in the mobile login form and there is no login control for mobile forms.  So I guess I need to understand how the Login control on the existing site handles the encryption of user credentials so I can write my own logic for the mobile login.

Hope that makes sense.  Can anyone point me in the write direction?

0
Comment
Question by:fizzer666
  • 2
2 Comments
 
LVL 10

Expert Comment

by:Dxpert
ID: 20288800
Hey, I think that you can basically create a Custom Membership Provider like the one here:
http://www.15seconds.com/issue/050216.htm

Then have a login/logout procedure on your form that will validate the user. I am using something like this on my own website, except that I use Forms Authentication:

.ASPX

<asp:Panel ID="pnlLogin" runat=server Visible=true>
      <asp:Label ID="lblPassword" CssClass="textBlack12px" Text="What's my name?" runat=server />
      <asp:TextBox Id="txtPassword" width="100" TextMode="Password" runat="server"/><br />
      <asp:Button Id="cmdLogin1" Text="Login" UseSubmitBehavior=true runat="server" />
</asp:Panel>
<div class="textRed12px" id="ErrorMessage" runat="server" />


.ASPX.VB

    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load

      'on this example, If the user is logged in, I change the Login text to Logout...
      'note that I'm only using a Password field
        If User.Identity.IsAuthenticated Then
            SetLogin(True)
        End If
      
        If Page.IsPostBack Then
            If cmdLogin1.Text = "Login" Then
                ProcessLoginNew()
            Else
                SignOutNew()
            End If
        End If

    End Sub

    Sub SetLogin(ByVal bLoggedIn As Boolean)

        lblPassword.Visible = Not bLoggedIn
        txtPassword.Visible = Not bLoggedIn

        If bLoggedIn Then
            cmdLogin1.Text = "Logout"
        Else
            cmdLogin1.Text = "Login"
        End If
       
    End Sub
       
    Sub ProcessLoginNew()
   
          'in here you would call your Membership.ValidateUser
          
        If txtPassword.Text.Trim.Length > 0 Then
            If FormsAuthentication.Authenticate("user", txtPassword.Text.ToLower) Then
                FormsAuthentication.RedirectFromLoginPage("user", True)
                ErrorMessage.InnerHtml = ""
                SetLogin(True)
            Else
                ErrorMessage.InnerHtml = "Invalid Password."
            End If
        End If
    End Sub
   
    Sub SignOutNew()
        FormsAuthentication.SignOut()
        SetLogin(False)
    End Sub



Some more info:
http://aspnet.4guysfromrolla.com/articles/120705-1.aspx

Hope this helps you get started...
0
 
LVL 10

Accepted Solution

by:
Dxpert earned 500 total points
ID: 20288860
     If Membership.ValidateUser(Login1.UserName, Login1.Password) Then
            FormsAuthentication.RedirectFromLoginPage(Login1.UserName, False)
        End If

http://forums.asp.net/t/950427.aspx

;-)

0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Introduction This article shows how to use the open source plupload control to upload multiple images. The images are resized on the client side before uploading and the upload is done in chunks. Background I had to provide a way for user…
The ECB site provides FX rates for major currencies since its inception in 1999 in the form of an XML feed. The files have the following format (reducted for brevity) (CODE) There are three files available HERE (http://www.ecb.europa.eu/stats/exch…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video discusses moving either the default database or any database to a new volume.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now