ansaurus

Question

How do I use a ASP.NET Login control without using a MembershipProvider?

Answer 1

+2 A:

Use Simple Forms Authentication.

Dan Diplo 2009-07-23 23:04:58

That might work in my case but it doesn't answer the question.

BCS 2009-07-23 23:11:04

Answer 2

+3 A:

If you don't have a membership provider and don't really have a security system to speak of, just put two boxes on a form (user name, password) and test it in the onclick of the button.

The login control is obviously overkill for what your trying to do.

Chris Lively 2009-07-23 23:14:56

you are probably correct... for now. Also that forces me to figure out how to deal with cookies and redirection and whatnot.

BCS 2009-07-23 23:22:45

I don't mean to be blunt, but if you are having problems creating a cookie or redirecting the user then your not going to understand how to build a custom membership provider.. Which is what you would need in order to get the login control to work.

Chris Lively 2009-07-23 23:26:45

I'm not having trouble creating a cookie, I just haven't ever worked with it and would rather not have to learn right now.

BCS 2009-07-23 23:36:42

Answer 3

+4 A:

Hi,

You can just drop the asp:Login control in your page, then in the code behind, catch the Login Control's Authenticate event.

In the Authenticate event, check the username/password that the user has entered. The username/password are properties in the login control. (Login.UserName, Login.Password)

If the username/password is correct, just set the event args Authenticated property to True.

No membership provider is required.

ex. In the aspx page..

<asp:Login ID="LoginCtrl" runat="server" DestinationPageUrl="YouAreIn.aspx"></asp:Login>

In Code Behind

Private Sub Log_Authenticate(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.AuthenticateEventArgs) Handles LoginCtrl.Authenticate
    If LoginCtrl.UserName = "Hello" AndAlso LoginCtrl.Password = "Hello" Then
        e.Authenticated = True
    End If

c#

void MyLogin_Authenticate(object sender, AuthenticateEventArgs e)
{
    if(UserName == "Hello" && Password == "Hello")
        e.Authenticated = true;
}

Justin Largey 2009-07-23 23:14:57

+1 - That's what I do

Juan Manuel 2009-07-23 23:21:50

Also, to force the user to go to the login page, use forms authentication.

Justin Largey 2009-07-23 23:23:01

If only it were so easy. I just tried it and the login jumps directly back into the login page rather than the page it was redirected from.

BCS 2009-07-23 23:25:15

I'm already using Forms authentication.

BCS 2009-07-23 23:26:08

BCS - Did you set the DestinationPageUrl?

Justin Largey 2009-07-23 23:27:27

No, but every source I've found up to now indicates that the default will be the page that redirected to the login page.

BCS 2009-07-23 23:30:13

Apologies, forgot to mention to set the DestinationPageUrl to the page the user is suppose to be redirect to. I have a working sample in case you need it.

Justin Largey 2009-07-23 23:30:17

in your web.config are you denying anonymous users? <authorization> <deny users="?"/> <allow users="*"/> </authorization> also, here's my authentication settings, just for reference. <authentication mode="Forms"> <forms loginUrl="login.aspx" protection="All" path="/" timeout="30"></forms> </authentication>

Justin Largey 2009-07-23 23:35:19

the comments don't seem to format XML properly. When you say referring page, do you mean the page the user was one to get to your login page? or the page the user was access before being prompted to login? or something else?

Justin Largey 2009-07-23 23:37:00

Oh,.. crap:.. s/\*/\?/

BCS 2009-07-23 23:40:23

After fixing `web.conf` it works without setting `DestinationPageUrl`.

BCS 2009-07-23 23:44:07

oh, cool, did you set the defaultUrl in the web.config instead?

Justin Largey 2009-07-23 23:45:53

Nope, it works as expected: if left unset, it goes right back to the page that redirected to `Loging.aspx` whatever that happens to be this time.

BCS 2009-07-23 23:47:37

right, cool stuff, thanks for letting me know

Justin Largey 2009-07-23 23:48:36

Answer 4

A:

You would have to make a custom authentication provider and plug it in via web.config. http://www.devx.com/asp/Article/29256

Andrew Siemer 2009-07-23 23:16:44

ansaurus

tags:

views:

answers:

How do I use a ASP.NET Login control without using a MembershipProvider?

related questions