Click to See Complete Forum and Search --> : Forms Authentication
Sivar
July 25th, 2006, 08:30 AM
Hi,
I have a table contains Username and Password, I have to use this table to implement Forms Authentication. So instead of mentioning each user name and password in the Web.Config I wanted to use this table values.
can i use a dynamicaly generated xml file having user name and password details
or
can i override Forms.Authenticate method
Expecting Gurus guidance
Sivar
Note: I am using SQL Server 2000 and ASP.Net (Visual Studio .Net 2003)
jasonli
July 25th, 2006, 10:42 AM
Actually, you could store username and password anywhere if you want. Basically, we could store them in DB, Active Directory and web.config. It doesn't matter with FormsAuthentication functions.
Here is a sample code:
' code to retrieve userInfo from DB
If (Not userInfo Is Nothing) AndAlso Request("txtUser").ToUpper().Trim() = userInfo(0).ToUpper().Trim() Then If AD.IsUserValid(Request("txtUser"), Request("txtPassword"), fullName) Then ' call validate function from Active Directory
Dim htSecurity As New Hashtable()
htSecurity.Clear()
htSecurity.Add("userName", Request("txtUser"))
Session("Security") = htSecurity
FormsAuthentication.RedirectFromLoginPage(Request("txtUser"), False)
Else
lblErr2.Visible = True
End If
Hope it does make sense.
Sivar
July 28th, 2006, 12:21 AM
Thanks for the reply
You are not at all used Forms.Authenticate method in the sample and you are using Session("Security"). I am pretty new to ASP.Net. Sorry I couldn't understand the example.
I understand that Forms.Authenticate method is internaly using a cookie. if we try to access the web pages without authentication it will redirect it to logon page by using FormsAuthentication.RedirectFromLoginPage method. Forms.Authenticate method is searching username and password in the web config file.
I wanted to override this place and I wanted to do it through DB. if given example is Soultion for the problem could you please explain it detail, or could you give another way to solve it.
Thanks
Sivar
jasonli
July 28th, 2006, 08:26 AM
Sorry, the sample code is not very neat. In fact, FormsAuthentication.RedirectFromLoginPage is the point. I just validate username and password before the method.
Don't wish formsauthentication could do anything for you. you still have many stuff to do. And you can check http://msdn2.microsoft.com/en-us/library/xdt4thhy.aspx.
codeguru.com
Copyright Internet.com Inc., All Rights Reserved.