Is there any way to provide user log-in without the need for a DB. We are deploying a system to control some hardware and the customer wants an interface they can access from a browser, but they also want to provide log-in to prevent just any body from accessing it.
I have no reason for a DB to implement what I need. I would hate to have to install a DB on the box just to provide authentication.
Pretty sure I am going to use a MVC web project.
Yes, you can use forms authentication and store the usernames and passwords in the web.config. I wouldn't recommend this approach for anything but the simplest sites.
Have a look at this MSDN article for more info:
Sure. For very simple sites you can simply use forms authentication and store usernames/password (encrypted, of course!) in web.config or in a users.xml file.
For larger, more fully-featured sites you can implement a custom membership provider to use whatever backing store you like, or utilise one of the off-the-shelf ones that are out there (such as this xml membership provider).
You can enable authentication via your web config, and specify the users within the same file instead of a database.
An example of this would look like :
<authentication mode="Forms">
<forms loginUrl="MyLoginPage.aspx">
<credentials passwordFormat="Clear">
<user name="Darren" password="foobar" />
</credentials>
</forms>
</authentication>
Then you could use it like
if (FormsAuthentication.Authenticate (txtUserName.Text, txtPassword.Text)){
FormsAuthentication.RedirectFromLoginPage (txtUserName.Text, False);}
see here for more details