tags:

views:

6512

answers:

1
+1  Q: 

How to get the asp.net login control to auto authenticate a previously authenticated user?

I am trying to to set up the login control to remember the login credentials of a user who has previously entered their user name and password successfully. I set the remember me property to true, but it doesnt seem to triger any events where I could read the cookie and auto login the user.

Is there a straightforward mechanism to accomplish this?

+3  A: 

You need to Google for Forms Authentication in ASP.NET 2.0

You will need to set up your application (via web.config) and may also need to alter IIS settings. While it's all quite straightforward, there are heaps of settings that can be used, so best is to read some of the articles. ScottGu has a blog entry that goes into a lot of good detail.

There are also many good video's at www.asp.net including these Security Tutorials

try How to: Create an ASP.NET Login Page and Walkthrough: Creating a Web Site with Membership and User Login. If I recall, you still have to do the authentication yourself unless you use the Sql Server Membership provider. In that case you still have to set up the database and web.config.

Essentially, once you've set up configuration properly, you have a login page. In that login page you tell Forms Authentication to create the authentication ticket for you once you authenticate them:

if (VerifyUser(name, password) ) // this is not a framework method
    FormsAuthentication.RedirectFromLoginPage(
        userName, false); // no persistent cookie

If you want to read the authentication ticket data (from anywhere else).

// output just writes to a StringBuilder 'sb' 
output(sb, "Identity.AuthenticationType", Page.User.Identity.AuthenticationType);

FormsIdentity fi = Page.User.Identity as FormsIdentity;
if (fi == null)
{
    output(sb, "Identity Type", Page.User.Identity.ToString());
    return;
}

output(sb, "FormsIdentity.Ticket.IssueDate", fi.Ticket.IssueDate);
output(sb, "FormsIdentity.Ticket.Expiration", fi.Ticket.Expiration);
output(sb, "FormsIdentity.Ticket.Name", fi.Ticket.Name);
output(sb, "FormsIdentity.Ticket.CookiePath", fi.Ticket.CookiePath);
output(sb, "FormsIdentity.Ticket.UserData", fi.Ticket.UserData);
output(sb, "FormsIdentity.Ticket.Version", fi.Ticket.Version);
output(sb, "FormsIdentity.Ticket.IsPersistent", fi.Ticket.IsPersistent);

The point is, once authenticated, asp.net will only redirect the user to the login page if the authentication ticket has expired and the user is on a protected page. Asp.net doesn't keep asking you to authenticate the user unnecessarily.

Robert Paulson  2008-10-03 01:36:27
thanks. I have been down this path already - its never mentioned how or what the "remember me" property does. sigh.
MikeJ  2008-10-03 02:11:07
I've added more links to the answer. It's a little more involved than plunking a few controls on a page. You need to create login pages, etc. 'Remember Me' is for creating persistent authentication cookie. You don't want this a lot of the time.
Robert Paulson  2008-10-03 02:33:08
thank you. I appreciate the effort you have given to put me on the right path.
MikeJ  2008-10-03 03:11:00
If the added code snippets don't help, maybe you can edit your question and say what steps you've followed. It's hard to know where you're stuck.
Robert Paulson  2008-10-03 04:17:45

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps