Re: Forms Authentication without Login Page

From: Brad (nospam_at_co.lane.or.us)
Date: 12/19/03


Date: Fri, 19 Dec 2003 09:21:55 -0800

If I read your questions correctly, the quick answer is yes, you can do
exactly want your asking.
All you have to do is create the forms authentication ticket yourself when
the user logs in using your login dialog.

Here's an example of what you'd need to do:

Create a web user control which contains your sign-in dialog; a couple of
text boxes for name and password and perhaps a result label to display if
the login was incorrect. Code behind for this control would validate the
user and password, i.e. check them against a database. Then the code sets
the authentication cookie. i.e (very simple).
                FormsAuthentication.SetAuthCookie(UserName.Text, False)

Include above web control in your page(s). Obviously you don't want to show
this login dialog if they are already logged in so you can just put code in
the above user control to hide itself or in the page(s) to hide the control.
    i.e. (in the above user control)
                Me.Visible = Request.IsAuthenticated = False

As for what you show in your pages you can simply test like the following
                If Request.IsAuthenticated Then
                        ' do stuff to show my authorized content
                Else
                        ' do stuff to show my unauthorized content
               End If

Some references on this.
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetch08.asp
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT03.asp

Hope this helps some

Brad

"Paul Hodgson" <abc@xyz.com> wrote in message
news:e4ccSfkxDHA.2464@TK2MSFTNGP12.phx.gbl...
> Is there any way to log someone in using Forms authentication *without*
> using RedirectFromLoginPage()?
>
> My reason for asking is that I'm trying to use Forms Authentication to
allow
> users to login to a site, but I keep coming up against the problem that
all
> the MS examples show using a Login page that users are redirected to if
they
> try to access a protected page. Trouble is - our site doesn't really have
> protected pages. Any page is accessible to anyone - but if you're not
logged
> in then the page will show different information from what it will show if
> you are logged in. Also, we don't want a separate login page, instead we
> want users to be able to login inline with small forms inside other pages.
>
> What this means I think is that I need to be able to do the following
> whenever a page is loaded:
> 1. Check explicitly if the user has been logged in using Forms
> Authentication so the code can decide what to display.
> 2. If appropriate, explicitly log the user in but without redirecting to
> anywhere else (if the user has just posted back to the page by filling in
a
> Login form).
>
> Any pointers on how to do that appreciated :-)
>
>



Relevant Pages

  • Forms Authentication without Login Page
    ... using RedirectFromLoginPage()? ... My reason for asking is that I'm trying to use Forms Authentication to allow ... the MS examples show using a Login page that users are redirected to if they ... explicitly log the user in but without redirecting to ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Separate Login site
    ... cookies that were written for that domain. ... primesite domain name as part of the url to your login page. ... page would read the prime site domain name and write the authentication ... RedirectFromLoginPage ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Need some help to understand two sentences
    ... I have worked with user control many times so I understand how they works. ... "Build a user control which works as a login control using Windows Class ... password and the login time. ... UserName: Nisse! ...
    (microsoft.public.dotnet.languages.csharp)
  • Forms auth for directory
    ... to login for. ... User control on each page for logging in. ... I'd like to use Forms auth and sql ... and then forward to the protected directory? ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Need some help to understand two sentences
    ... "Build a user control which works as a login control using Windows Class ... password and the login time. ... UserName: Nisse! ...
    (microsoft.public.dotnet.languages.csharp)