Share via


WebSecurity Class

Definition

Provides security and authentication features for ASP.NET Web Pages applications, including the ability to create user accounts, log users in and out, reset or change passwords, and perform related tasks.

public static class WebSecurity
type WebSecurity = class
Public Class WebSecurity
Inheritance
WebSecurity

Fields

EnableSimpleMembershipKey

Represents the key to the enableSimpleMembership value in the AppSettings property.

Properties

CurrentUserId

Gets the ID for the current user.

CurrentUserName

Gets the user name for the current user.

HasUserId

Gets a value that indicates whether the current user has a user ID.

Initialized

Gets a value that indicates whether the InitializeDatabaseConnection(String, String, String, String, Boolean) method has been called.

IsAuthenticated

Gets the authentication status of the current user.

Methods

ChangePassword(String, String, String)

Changes the password for the specified user.

ConfirmAccount(String, String)

Confirms that an account for the specified user name is valid and activates the account.

ConfirmAccount(String)

Confirms that an account is valid and activates the account.

CreateAccount(String, String, Boolean)

Creates a new membership account using the specified user name and password and optionally lets you specify that the user must explicitly confirm the account.

CreateUserAndAccount(String, String, Object, Boolean)

Creates a new user profile entry and a new membership account.

GeneratePasswordResetToken(String, Int32)

Generates a password reset token that can be sent to a user in email.

GetCreateDate(String)

Returns the date and time when the specified membership account was created.

GetLastPasswordFailureDate(String)

Returns the date and time when an incorrect password was most recently entered for the specified account.

GetPasswordChangedDate(String)

Returns the date and time when the password was most recently changed for the specified membership account.

GetPasswordFailuresSinceLastSuccess(String)

Returns the number of times that the password for the specified account was incorrectly entered since the last successful login or since the membership account was created.

GetUserId(String)

Returns the ID for a user based on the specified user name.

GetUserIdFromPasswordResetToken(String)

Returns a user ID from a password reset token.

InitializeDatabaseConnection(String, String, String, String, Boolean, SimpleMembershipProviderCasingBehavior)
InitializeDatabaseConnection(String, String, String, String, Boolean)

Initializes the membership system by connecting to a database that contains user information and optionally creates membership tables if they do not already exist.

InitializeDatabaseConnection(String, String, String, String, String, Boolean, SimpleMembershipProviderCasingBehavior)
InitializeDatabaseConnection(String, String, String, String, String, Boolean)

Initializes the membership system by connecting to a database that contains user information by using the specified membership or role provider, and optionally creates membership tables if they do not already exist.

IsAccountLockedOut(String, Int32, Int32)

Returns a value that indicates whether the specified membership account is temporarily locked because of too many failed password attempts in the specified number of seconds.

IsAccountLockedOut(String, Int32, TimeSpan)

Returns a value that indicates whether the specified membership account is temporarily locked because of too many failed password attempts in the specified time span.

IsConfirmed(String)

Returns a value that indicates whether the user has been confirmed.

IsCurrentUser(String)

Returns a value that indicates whether the user name of the logged-in user matches the specified user name.

Login(String, String, Boolean)

Logs the user in.

Logout()

Logs the user out.

RequireAuthenticatedUser()

If the user is not authenticated, sets the HTTP status to 401 (Unauthorized).

RequireRoles(String[])

If the current user is not in all of the specified roles, sets the HTTP status code to 401 (Unauthorized).

RequireUser(Int32)

If the specified user is not logged on, sets the HTTP status to 401 (Unauthorized).

RequireUser(String)

If the current user does not match the specified user name, sets the HTTP status to 401 (Unauthorized).

ResetPassword(String, String)

Resets a password by using a password reset token.

UserExists(String)

Returns a value that indicates whether the specified user exists in the membership database.

Applies to