How do I use a ASP.NET Login control without using a MembershipProvider?
Solution 1
You can just drop the asp:Login control in your page, then in the code behind, catch the Login Control's Authenticate event.
In the Authenticate event, check the username/password that the user has entered. The username/password are properties in the login control. (LoginCtrl.UserName, LoginCtrl.Password)
If the username/password is correct, just set the event args Authenticated property to True.
No membership provider is required.
ex. In the aspx page..
<asp:Login ID="LoginCtrl" runat="server" DestinationPageUrl="YouAreIn.aspx"></asp:Login>
In Code Behind
Private Sub Log_Authenticate(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.AuthenticateEventArgs) Handles LoginCtrl.Authenticate
If LoginCtrl.UserName = "Hello" AndAlso LoginCtrl.Password = "Hello" Then
e.Authenticated = True
End If
c#
void MyLogin_Authenticate(object sender, AuthenticateEventArgs e)
{
if(UserName == "Hello" && Password == "Hello")
e.Authenticated = true;
}
Solution 2
If you don't have a membership provider and don't really have a security system to speak of, just put two boxes on a form (user name, password) and test it in the onclick of the button.
The login control is obviously overkill for what your trying to do.
Solution 3
Use Simple Forms Authentication.
Tjkoopa
For me, fun is taking a program, language, whatever and making it do things it's designer never envisioned it doing. It comes in handy when I'm asked to do something a little outside the norm as part of my job.
Updated on October 15, 2020Comments
-
Tjkoopa over 3 years
This is an offshoot of this question.
- How do I use a
Login
control if I don't have aMembershipProvider
to point it at? - Am I understanding the use model correctly?
- Is it even reasonable to talk about using a
Login
control without aMembershipProvider
? - Dose the
MembershipProvider
do more than just username/password checking? - Would it be more reasonable to create my own
MembershipProvider
with the same authentication logic?
In my case, I don't need a
MembershipProvider
(I think) as my authentication situation is trivial (one user, one password).I'm interested partly to "future proof" my page and partly because I'm new and wondering about how stuff works. (I tend to learn about things by running full speed into every corner case I can find :)
- How do I use a
-
Tjkoopa almost 15 yearsThat might work in my case but it doesn't answer the question.
-
Tjkoopa almost 15 yearsyou are probably correct... for now. Also that forces me to figure out how to deal with cookies and redirection and whatnot.
-
Justin Largey almost 15 yearsAlso, to force the user to go to the login page, use forms authentication.
-
Tjkoopa almost 15 yearsIf only it were so easy. I just tried it and the login jumps directly back into the login page rather than the page it was redirected from.
-
Justin Largey almost 15 yearsBCS - Did you set the DestinationPageUrl?
-
Tjkoopa almost 15 yearsNo, but every source I've found up to now indicates that the default will be the page that redirected to the login page.
-
Justin Largey almost 15 yearsin your web.config are you denying anonymous users? <authorization> <deny users="?"/> <allow users="*"/> </authorization> also, here's my authentication settings, just for reference. <authentication mode="Forms"> <forms loginUrl="login.aspx" protection="All" path="/" timeout="30"></forms> </authentication>
-
Tjkoopa almost 15 yearsI'm not having trouble creating a cookie, I just haven't ever worked with it and would rather not have to learn right now.
-
Justin Largey almost 15 yearsthe comments don't seem to format XML properly. When you say referring page, do you mean the page the user was one to get to your login page? or the page the user was access before being prompted to login? or something else?
-
Tjkoopa almost 15 yearsAfter fixing
web.conf
it works without settingDestinationPageUrl
. -
Justin Largey almost 15 yearsoh, cool, did you set the defaultUrl in the web.config instead?
-
Tjkoopa almost 15 yearsNope, it works as expected: if left unset, it goes right back to the page that redirected to
Loging.aspx
whatever that happens to be this time. -
jp2code about 8 years@BCS - could I get a cleaned version of this code? I'm interested in getting something like this to work (C#), but the Login control doesn't appear to have any Event Handlers like Justin wired up. Also, there seems to be a lot of the solution in the comments. I don't know what is good and what is not.