How to: Implement User Login with Client Application Services
You can use client application services to validate users through an existing ASP.NET AJAX profile service. For information about how to set up the ASP.NET AJAX profile service, see Using Forms Authentication with ASP.NET AJAX.
The following procedures describe how to validate users through the authentication service when your application is configured to use one of the client authentication service providers. For more information, see How to: Configure Client Application Services.
You will typically perform all validation through the static Membership.ValidateUser method. This method manages the interaction with the authentication service through the configured authentication provider. For more information, see Client Application Services Overview.
The forms authentication procedures require access to a running ASP.NET AJAX authentication service. For guidance on end-to-end testing of client application services features, see Walkthrough: Using Client Application Services.
To authenticate a user with forms authentication using a membership credentials provider
Implement the IClientFormsAuthenticationCredentialsProvider interface. The following code example shows a IClientFormsAuthenticationCredentialsProvider.GetCredentials implementation for a login dialog box class derived from System.Windows.Forms.Form. This dialog box has text boxes for user name and password and a "remember me" check box. When the client authentication provider calls the GetCredentials method, the form is displayed. When the user fills in the information in the login dialog box and clicks OK, the specified values are returned in a new ClientFormsAuthenticationCredentials object.
Public Function GetCredentials() As _ ClientFormsAuthenticationCredentials Implements _ IClientFormsAuthenticationCredentialsProvider.GetCredentials If Me.ShowDialog() = DialogResult.OK Then Return New ClientFormsAuthenticationCredentials( _ UsernameTextBox.Text, PasswordTextBox.Text, _ rememberMeCheckBox.Checked) Else Return Nothing End If End Function
public ClientFormsAuthenticationCredentials GetCredentials() { if (this.ShowDialog() == DialogResult.OK) { return new ClientFormsAuthenticationCredentials( usernameTextBox.Text, passwordTextBox.Text, rememberMeCheckBox.Checked); } else { return null; } }
Call the static Membership.ValidateUser method and pass in empty strings as the parameter values. When you specify empty strings, this method internally calls the GetCredentials method for the credentials provider configured for your application. The following code example calls this method to restrict access to an entire Windows Forms application. You can add this code to a Form.Load handler.
If Not System.Web.Security.Membership.ValidateUser( _ String.Empty, String.Empty) Then MessageBox.Show("Unable to authenticate.", "Not logged in", _ MessageBoxButtons.OK, MessageBoxIcon.Error) Application.Exit() End If
if (!System.Web.Security.Membership.ValidateUser( String.Empty, String.Empty)) { MessageBox.Show("Unable to authenticate.", "Not logged in", MessageBoxButtons.OK, MessageBoxIcon.Error); Application.Exit(); }
To authenticate a user with forms authentication without using a membership credentials provider
Call the static Membership.ValidateUser method and pass in user name and password values retrieved from the user.
If Not System.Web.Security.Membership.ValidateUser( _ usernameTextBox.Text, passwordTextBox.Text) Then MessageBox.Show("Unable to authenticate.", "Not logged in", _ MessageBoxButtons.OK, MessageBoxIcon.Error) Application.Exit() End If
if (!System.Web.Security.Membership.ValidateUser( usernameTextBox.Text, passwordTextBox.Text)) { MessageBox.Show("Unable to authenticate.", "Not logged in", MessageBoxButtons.OK, MessageBoxIcon.Error); Application.Exit(); }
To authenticate a user with Windows authentication
Call the static Membership.ValidateUser method and pass empty strings for the parameters. This method call will always return true and will add a cookie to the user's cookie cache that contains the Windows identity.
System.Web.Security.Membership.ValidateUser( _ String.Empty, String.Empty)
System.Web.Security.Membership.ValidateUser( String.Empty, String.Empty);
Robust Programming
The example code in this topic demonstrates the simplest usages of authentication in a Windows client application. When you call the static Membership.ValidateUser method with client application services and forms authentication, however, your code can throw a WebException. This indicates that the authentication service is unavailable. For an example of how to handle this exception, see Walkthrough: Using Client Application Services.
See Also
Tasks
How to: Configure Client Application Services
Walkthrough: Using Client Application Services
Concepts
Client Application Services Overview
Using Forms Authentication with ASP.NET AJAX