Forms Authentication – Manual Authentication
October 5th, 2009 | 
Author: 
I’ve had several occasions in the past where I’ve needed to do my own authentication or I’ve needed to add some additional methods to the authentication process.
As easy as Microsoft has made the authentication process, you might think that in order to manually authenticate you’d need to write all of your authentication code manually. But nothing could be farther from the truth.
In fact, most of the time all you need to do is trap an event handler in the existing login control.
A couple of years ago, I was asked to create a login page that used a web service to authenticate the user. I also needed to add another form field to the login screen, so it became obvious that to do this I’d need to turn the login control into a templated control.
Once this was done it was a simple matter to trap the click event of the login button, authenticate against the web service, and then set the authentication cookie for ASP.NET.
Since I can’t show you how to authenticate against the service–your implementation will almost certainly be different–we will skip that section. But to set the cookie, all we need to do is to revert to the ASP.NET 1.1 way of setting up the login.
if (Request.QueryString["ReturnUrl"] != null) { FormsAuthentication.RedirectFromLoginPage (m_tbUsername.Text, persistentCookie); } else { FormsAuthentication.SetAuthCookie (m_tbUsername.Text, persistentCookie); Response.Redirect("~/"); }
The first line checks to see if there was a Return URL specified. If there was we can use the RedirectFromLoginPage API. Otherwise, we need to set the Authentication Cookie manually and redirect on our own.
The persistentCookie parameter is true if we want the user to always be logged in. Otherwise, the login is for the session.
Other post in forms authentication
- WordPress w/ Forms Authentication on IIS6 - May 21st, 2008
- Setting Up Your Forms Based Authentication Database - September 14th, 2009
- Forms Authentication – Creating Users - September 21st, 2009
- Forms Authentication – Managing Users - September 28th, 2009
- Forms Authentication – Manual Authentication - October 5th, 2009
- Determine The Role of a User in ASP.NET - October 13th, 2009
- ASP.NET Assigning a Role to a User - October 19th, 2009
- Authentication - Assigning Permissions to Roles - October 26th, 2009
- The Google Appliance and Forms Authentication - August 4th, 2010
Other Related Items:
A Potty for Me!: A Lift-the-Flap Instruction ManualThis playful account of a toddler's first potty experience (written from the child's point of view) is dedicated "to all the little ones . . . whenever you are ready." That same no-pressure attitude prevails throughout the sing-songy story of hesitation, trial, mishap, and success.
"They Say / I Say": The Moves That Matter in Academic Writing (Second Edition)The book that demystifies academic writing, teaching students to frame their arguments in the larger context of what else has been said about their to... Read More >
A Certificate of Authenticity is included with this autographed Photograph.
In the event this exact image is sold out, an alternate photo of the same athlete will be shipped instead.
Related Post
Posted in forms authentication | 
Tags: authentication, formsauthentication, manual, redirectfromloginpage, setauthcookie
One Response to “Forms Authentication – Manual Authentication”
Why cant you just show us the code for authenticating against the service as well? It doesnt matter if our implementations are different – we can at least the get the feel of what exactly the entry is about. Please post some sample authentication code as well as how to tap into login control events?