Membership.ValidateUser() from Login.OnAuthenticate()?

Discussion in 'ASP .Net Security' started by asnowfall@gmail.com, Jan 15, 2008.

  1. Guest

    I am using 'System.Web.Security.Membership' &
    'System.Web.UI.WebControls.Login' control to implement Forms based
    authentication.

    Can I call Membership.ValidateUser() from Login.OnAuthenticate()? I
    want to do this because I want to control cookie creation.

    I have not been able to find a sample code where
    Membership.ValidateUser() is called and
    'System.Web.UI.WebControls.Login' control is also being used at the
    same time; and I see Membership.ValidateUser() being used along with
    custom log-in form.

    Please let me know whether it is legal to call
    Membership.ValidateUser() from Login.OnAuthenticate().

    Thanks
    Ramesh
     
    , Jan 15, 2008
    #1
    1. Advertising

  2. Yep. You can do that. It is simply doing a database call to verify the supplied
    credentials.

    -----
    Dominick Baier (http://www.leastprivilege.com)

    Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)

    > I am using 'System.Web.Security.Membership' &
    > 'System.Web.UI.WebControls.Login' control to implement Forms based
    > authentication.
    >
    > Can I call Membership.ValidateUser() from Login.OnAuthenticate()? I
    > want to do this because I want to control cookie creation.
    >
    > I have not been able to find a sample code where
    > Membership.ValidateUser() is called and
    > 'System.Web.UI.WebControls.Login' control is also being used at the
    > same time; and I see Membership.ValidateUser() being used along with
    > custom log-in form.
    >
    > Please let me know whether it is legal to call
    > Membership.ValidateUser() from Login.OnAuthenticate().
    > Thanks
    > Rames
     
    Dominick Baier, Jan 15, 2008
    #2
    1. Advertising

  3. Guest

    I am using custom membership provider and I think your answer applies
    holds even for that.

    Thanks
    Ramesh

    On Jan 15, 5:29 pm, Dominick Baier
    <dbaier@pleasepleasenospam_leastprivilege.com> wrote:
    > Yep. You can do that. It is simply doing a database call to verify the supplied
    > credentials.
    >
    > -----
    > Dominick Baier (http://www.leastprivilege.com)
    >
    > Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)
    >
    >
    >
    > > I am using 'System.Web.Security.Membership' &
    > > 'System.Web.UI.WebControls.Login' control to implement Forms based
    > > authentication.

    >
    > > Can I call Membership.ValidateUser() from Login.OnAuthenticate()? I
    > > want to do this because I want to control cookie creation.

    >
    > > I have not been able to find a sample code where
    > > Membership.ValidateUser() is called and
    > > 'System.Web.UI.WebControls.Login' control is also being used at the
    > > same time; and I see Membership.ValidateUser() being used along with
    > > custom log-in form.

    >
    > > Please let me know whether it is legal to call
    > > Membership.ValidateUser() from Login.OnAuthenticate().
    > > Thanks
    > > Ramesh- Hide quoted text -

    >
    > - Show quoted text -
     
    , Jan 16, 2008
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. pj
    Replies:
    1
    Views:
    2,362
    Steve C. Orr [MVP, MCSD]
    Nov 16, 2006
  2. Replies:
    0
    Views:
    481
  3. Replies:
    0
    Views:
    514
  4. John Devlon

    Membership.ValidateUser always false

    John Devlon, Apr 17, 2008, in forum: ASP .Net
    Replies:
    0
    Views:
    2,526
    John Devlon
    Apr 17, 2008
  5. natasha
    Replies:
    0
    Views:
    392
    natasha
    Nov 21, 2006
Loading...

Share This Page