How do I use a ASP.NET Login control without using a MembershipProvider?

This is an offshoot of this question.

• How do I use a Login control if I don’t have a MembershipProvider to point it at?
• Am I understanding the use model correctly?
• Is it even reasonable to talk about using a Login control without a MembershipProvider?
• Dose the MembershipProvider do more than just username/password checking?
• Would it be more reasonable to create my own MembershipProvider with the same authentication logic?

In my case, I don’t need a MembershipProvider (I think) as my authentication situation is trivial (one user, one password).

I’m interested partly to “future proof” my page and partly because I’m new and wondering about how stuff works. (I tend to learn about things by running full speed into every corner case I can find 🙂

Answers:

Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.

Method 1

You can just drop the asp:Login control in your page, then in the code behind, catch the Login Control’s Authenticate event.

In the Authenticate event, check the username/password that the user has entered. The username/password are properties in the login control. (LoginCtrl.UserName, LoginCtrl.Password)

If the username/password is correct, just set the event args Authenticated property to True.

No membership provider is required.

ex. In the aspx page..

<asp:Login ID="LoginCtrl" runat="server" DestinationPageUrl="YouAreIn.aspx"></asp:Login>

In Code Behind

Private Sub Log_Authenticate(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.AuthenticateEventArgs) Handles LoginCtrl.Authenticate
    If LoginCtrl.UserName = "Hello" AndAlso LoginCtrl.Password = "Hello" Then
        e.Authenticated = True
    End If

c#

void MyLogin_Authenticate(object sender, AuthenticateEventArgs e)
{
    if(UserName == "Hello" && Password == "Hello")
        e.Authenticated = true;
}

Method 2

If you don’t have a membership provider and don’t really have a security system to speak of, just put two boxes on a form (user name, password) and test it in the onclick of the button.

The login control is obviously overkill for what your trying to do.

Method 3

Use Simple Forms Authentication.

Method 4

You would have to make a custom authentication provider and plug it in via web.config. http://www.devx.com/asp/Article/29256

All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0