Login.OnLoggingIn(LoginCancelEventArgs) Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Raises the LoggingIn event when a user submits login information but before the authentication takes place.
protected:
virtual void OnLoggingIn(System::Web::UI::WebControls::LoginCancelEventArgs ^ e);
protected virtual void OnLoggingIn (System.Web.UI.WebControls.LoginCancelEventArgs e);
abstract member OnLoggingIn : System.Web.UI.WebControls.LoginCancelEventArgs -> unit
override this.OnLoggingIn : System.Web.UI.WebControls.LoginCancelEventArgs -> unit
Protected Overridable Sub OnLoggingIn (e As LoginCancelEventArgs)
Parameters
A LoginCancelEventArgs containing the event data.
Examples
The following code example uses the LoggingIn event to ensure that the user has entered a well-formed email address in the UserName property. If not, the LoggingIn event handler cancels the login attempt and displays the error message specified in the InstructionText property.
<%@ page language="C#" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
// This custom Login control checks the user name
// entered by the user is a valid email address
class CustomLogin : Login
{
bool IsValidEmail(string strIn)
{
// Return true if strIn is in valid email format.
return Regex.IsMatch(strIn, @"^([\w-\.]+)@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([\w-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$");
}
override protected void OnLoggingIn(System.Web.UI.WebControls.LoginCancelEventArgs e)
{
if (!IsValidEmail(UserName))
{
InstructionText = "You must enter a valid email address.";
e.Cancel = true;
}
else
{
InstructionText = String.Empty;
}
}
}
// Add the custom login control to the page.
void Page_Load(object sender, EventArgs e)
{
CustomLogin loginControl = new CustomLogin();
loginControl.ID = "loginControl";
Placeholder1.Controls.Add(loginControl);
}
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>ASP.NET Example</title>
</head>
<body>
<form id="Form1" runat="server">
<asp:placeholder id="Placeholder1" runat="server"></asp:placeholder>
</form>
</body>
</html>
<%@ page language="VB" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
' This custom Login control checks the user name
' entered by the user is a valid email address.
Class CustomLogin
Inherits Login
Function IsValidEmail(ByVal strIn As String) As Boolean
' Return true if strIn is in valid email format.
Return Regex.IsMatch(strIn, ("^([\w-\.]+)@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([\w-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$"))
End Function
Overrides Protected Sub OnLoggingIn(ByVal e As System.Web.UI.WebControls.LoginCancelEventArgs)
If Not IsValidEmail(UserName) Then
InstructionText = "You must enter a valid email address."
e.Cancel = True
Else
InstructionText = String.Empty
End If
End Sub
End Class
' Add the custom login control to the page.
Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs)
Dim loginControl As New CustomLogin
loginControl.ID = "loginControl"
PlaceHolder1.Controls.Add(loginControl)
End Sub
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>ASP.NET Example</title>
</head>
<body>
<form id="Form1" runat="server">
<asp:placeholder id="Placeholder1" runat="Server"></asp:placeholder>
</form>
</body>
</html>
The following code example demonstrates how you can extend the Login control. The CustomLogin
control includes a DropDownList control that lets users choose which membership provider they are authenticated with. (These providers are configured in Web.config.) In the OnLoggingIn method, the MembershipProvider property is set to the selected value of the DropDownList control.
Important
This example contains a text box that accepts user input, which is a potential security threat. By default, ASP.NET Web pages validate that user input does not include script or HTML elements. For more information, see Script Exploits Overview.
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
namespace Samples.AspNet.Controls
{
public sealed class CustomLogin : Login
{
public CustomLogin() { }
protected override void OnLoggingIn(LoginCancelEventArgs e)
{
// Set the Membership provider for the Login control from a DropDownList.
DropDownList list = (DropDownList)this.FindControl("domain");
this.MembershipProvider = list.SelectedValue;
base.OnLoggingIn(e);
}
protected override void CreateChildControls()
{
LayoutTemplate = new MyTemplate();
base.CreateChildControls();
}
}
// A Template that contains the child controls.
public class MyTemplate : ITemplate
{
void ITemplate.InstantiateIn(Control container)
{
// A TextBox for the user name.
TextBox username = new TextBox();
username.ID = "username";
// A TextBox for the password.
TextBox password = new TextBox();
password.ID = "password";
// A CheckBox to remember the user on subsequent visits.
CheckBox remember = new CheckBox();
remember.ID = "RememberMe";
remember.Text = "Don't forget me!";
// Failure Text.
Literal failure = new Literal();
failure.ID = "FailureText";
// A DropDownList to choose the Membership provider.
DropDownList domain = new DropDownList();
domain.ID = "Domain";
domain.Items.Add(new ListItem("SqlMembers"));
domain.Items.Add(new ListItem("SqlMembers2"));
// A Button to log in.
Button submit = new Button();
submit.CommandName = "login";
submit.Text = "LOGIN";
container.Controls.Add(new LiteralControl("UserName:"));
container.Controls.Add(username);
container.Controls.Add(new LiteralControl("<br>Password:"));
container.Controls.Add(password);
container.Controls.Add(new LiteralControl("<br>"));
container.Controls.Add(remember);
container.Controls.Add(new LiteralControl("<br>Domain:"));
container.Controls.Add(domain);
container.Controls.Add(new LiteralControl("<br>"));
container.Controls.Add(failure);
container.Controls.Add(new LiteralControl("<br>"));
container.Controls.Add(submit);
}
}
}
Imports System.Data
Imports System.Configuration
Imports System.Web
Imports System.Web.Security
Imports System.Web.UI
Imports System.Web.UI.WebControls
Imports System.Web.UI.WebControls.WebParts
Imports System.Web.UI.HtmlControls
Namespace Samples.AspNet.Controls
NotInheritable Public Class CustomLogin
Inherits Login
Public Sub New()
End Sub
Protected Overrides Sub OnLoggingIn(ByVal e As LoginCancelEventArgs)
' Set the Membership provider for the Login control from a DropDownList.
Dim list As DropDownList = CType(Me.FindControl("domain"), DropDownList)
Me.MembershipProvider = list.SelectedValue
MyBase.OnLoggingIn(e)
End Sub
Protected Overrides Sub CreateChildControls()
LayoutTemplate = New MyTemplate()
MyBase.CreateChildControls()
End Sub
End Class
' A Template that contains the child controls.
Public Class MyTemplate
Implements ITemplate
Sub InstantiateIn(ByVal container As Control) Implements ITemplate.InstantiateIn
' A TextBox for the user name.
Dim username As New TextBox()
username.ID = "username"
' A TextBox for the password.
Dim password As New TextBox()
password.ID = "password"
' A CheckBox to remember the user on subsequent visits.
Dim remember As New CheckBox()
remember.ID = "RememberMe"
remember.Text = "Don't forget me!"
' Failure Text.
Dim failure As New Literal()
failure.ID = "FailureText"
' A DropDownList to choose the Membership provider.
Dim domain As New DropDownList()
domain.ID = "Domain"
domain.Items.Add(New ListItem("SqlMembers"))
domain.Items.Add(New ListItem("SqlMembers2"))
' A Button to log in.
Dim submit As New Button()
submit.CommandName = "login"
submit.Text = "LOGIN"
container.Controls.Add(New LiteralControl("UserName:"))
container.Controls.Add(username)
container.Controls.Add(New LiteralControl("<br>Password:"))
container.Controls.Add(password)
container.Controls.Add(New LiteralControl("<br>"))
container.Controls.Add(remember)
container.Controls.Add(New LiteralControl("<br>Domain:"))
container.Controls.Add(domain)
container.Controls.Add(New LiteralControl("<br>"))
container.Controls.Add(failure)
container.Controls.Add(New LiteralControl("<br>"))
container.Controls.Add(submit)
End Sub
End Class
End Namespace
Remarks
The OnLoggingIn method raises the LoggingIn event. Use the LoggingIn event to perform any processing that you need before authenticating a user or to perform custom validation.
Raising an event invokes the event handler through a delegate. For more information, see Handling and Raising Events.
The OnLoggingIn method also allows derived classes to handle the event without attaching a delegate. This is the preferred technique for handling the event in a derived class.
Notes to Inheritors
When overriding OnLoggingIn(LoginCancelEventArgs) in a derived class, be sure to call the base class's OnLoggingIn(LoginCancelEventArgs) method so that registered delegates receive the event.