AuthenticationService.Login(String, String, String, Boolean) Method

Definition

Checks user credentials and creates an authentication ticket (cookie) if the credentials are valid.

public:
 bool Login(System::String ^ username, System::String ^ password, System::String ^ customCredential, bool isPersistent);
[System.ServiceModel.OperationContract]
public bool Login (string username, string password, string customCredential, bool isPersistent);
[<System.ServiceModel.OperationContract>]
member this.Login : string * string * string * bool -> bool
Public Function Login (username As String, password As String, customCredential As String, isPersistent As Boolean) As Boolean

Parameters

username
String

The user name to be validated.

password
String

The password for the specified user.

customCredential
String

The value or values to validate in addition to username and password, if any.

isPersistent
Boolean

A value that indicates whether the authentication ticket remains valid across sessions.

Returns

true if user credentials are valid; otherwise, false.

Attributes

Exceptions

userName or password is null.

Remarks

The Login method validates user credentials through a membership provider. You can use the default membership provider or specify a custom membership provider at run time. The AuthenticationService class passes userName and password to the membership provider's ValidateUser method, but does not pass customCredential. If ValidateUser returns true, AuthenticationService creates an authentication ticket as a cookie. Set the isPersistent parameter to true to create an authentication ticket that lasts beyond the current session.

Note

Always use the authentication service together with the secure sockets layer (SSL, by using HTTPS) to protect sensitive data.

The Login method raises the Authenticating event and the CreatingCookie event. Create an event handler for Authenticating to customize authentication, such as checking the values in customCredential or validating credentials through a non-default membership provider. The values in customCredential are not validated by the default membership provider. To customize the authentication cookie, create an event handler for CreatingCookie.

Note

Do not call the Login method from code that is executing on the Web server. You call the Login method only as part of a WCF service. For more information, see ASP.NET Authentication.

Applies to

See also