ASP Net - How does Login Control Authenticate users behind the scenes?

Hi,

Here's my problem.  I've been asked to develop a cut down mobile version of our companies site.  The existing company site uses in built asp.net 2.0 Membership provider.  The login for the existing site is completely out of the box.  ie.  The authenticating of the user credentials is handled behind the scenes by the Login control.

The problem is that I have to mirror this functionality in the mobile login form and there is no login control for mobile forms.  So I guess I need to understand how the Login control on the existing site handles the encryption of user credentials so I can write my own logic for the mobile login.

Hope that makes sense.  Can anyone point me in the write direction?

fizzer666Asked:
Who is Participating?
 
DxpertConnect With a Mentor Commented:
     If Membership.ValidateUser(Login1.UserName, Login1.Password) Then
            FormsAuthentication.RedirectFromLoginPage(Login1.UserName, False)
        End If

http://forums.asp.net/t/950427.aspx

;-)

0
 
DxpertCommented:
Hey, I think that you can basically create a Custom Membership Provider like the one here:
http://www.15seconds.com/issue/050216.htm

Then have a login/logout procedure on your form that will validate the user. I am using something like this on my own website, except that I use Forms Authentication:

.ASPX

<asp:Panel ID="pnlLogin" runat=server Visible=true>
      <asp:Label ID="lblPassword" CssClass="textBlack12px" Text="What's my name?" runat=server />
      <asp:TextBox Id="txtPassword" width="100" TextMode="Password" runat="server"/><br />
      <asp:Button Id="cmdLogin1" Text="Login" UseSubmitBehavior=true runat="server" />
</asp:Panel>
<div class="textRed12px" id="ErrorMessage" runat="server" />


.ASPX.VB

    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load

      'on this example, If the user is logged in, I change the Login text to Logout...
      'note that I'm only using a Password field
        If User.Identity.IsAuthenticated Then
            SetLogin(True)
        End If
      
        If Page.IsPostBack Then
            If cmdLogin1.Text = "Login" Then
                ProcessLoginNew()
            Else
                SignOutNew()
            End If
        End If

    End Sub

    Sub SetLogin(ByVal bLoggedIn As Boolean)

        lblPassword.Visible = Not bLoggedIn
        txtPassword.Visible = Not bLoggedIn

        If bLoggedIn Then
            cmdLogin1.Text = "Logout"
        Else
            cmdLogin1.Text = "Login"
        End If
       
    End Sub
       
    Sub ProcessLoginNew()
   
          'in here you would call your Membership.ValidateUser
          
        If txtPassword.Text.Trim.Length > 0 Then
            If FormsAuthentication.Authenticate("user", txtPassword.Text.ToLower) Then
                FormsAuthentication.RedirectFromLoginPage("user", True)
                ErrorMessage.InnerHtml = ""
                SetLogin(True)
            Else
                ErrorMessage.InnerHtml = "Invalid Password."
            End If
        End If
    End Sub
   
    Sub SignOutNew()
        FormsAuthentication.SignOut()
        SetLogin(False)
    End Sub



Some more info:
http://aspnet.4guysfromrolla.com/articles/120705-1.aspx

Hope this helps you get started...
0
All Courses

From novice to tech pro — start learning today.