Modified Login Control & Roles

Home ›

ASP.NET Forums » General ASP.NET » Security » Modified Login Control & Roles

Shortcuts

Previous Next

Modified Login Control & Roles

Last post 06-17-2008 9:51 PM by jpcoliveros. 6 replies.

Sort Posts:

Modified Login Control & Roles

06-17-2008, 2:29 PM

Contact

4 point Member
VII-Twilight
Member since 05-24-2008, 4:35 AM
Curacao, Netherlands Antilles
Posts 20

Hi.

If you modify the Login control in the .vb of your Log in file, will you still be able to use roles to secure your site?

Because after I modified the Login control code in .vb file, roles do now seem to take effect

Thank you,

Stephany J. Calmes

Filed under: roles, log in controls

Re: Modified Login Control & Roles

06-17-2008, 2:59 PM

Contact

4,576 point Contributor
DotNetAdvisor
Member since 10-29-2007, 8:33 PM
Raleigh, NC
Posts 869

How did you modify it? Did you handle the authentication yourself?

Rob Mills

www.dotnetadvisor.com

Re: Modified Login Control & Roles

06-17-2008, 3:05 PM

Contact

4 point Member
VII-Twilight
Member since 05-24-2008, 4:35 AM
Curacao, Netherlands Antilles
Posts 20

Protected Sub Login1_Authenticate(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.AuthenticateEventArgs) Handles Login1.Authenticate

I did that and a bunch more code ...does it over-ride the login control authentication that uses the web-admin tool? ?

Thank you,

Stephany J. Calmes

Re: Modified Login Control & Roles

06-17-2008, 4:08 PM

Contact

4,576 point Contributor
DotNetAdvisor
Member since 10-29-2007, 8:33 PM
Raleigh, NC
Posts 869

That's what I thought you were overriding.

So you're probably setting the cookie in this method. So then what you're going to need to do is store the roles in the cookie and then upon each request setup the IPrincipal and IIdentity objects. Typically people place the roles in a delimited string into the UserData property of the FormsAuthenticationTicket. Then parse it on the request.

Let me know if you need any help with that.

Rob Mills

www.dotnetadvisor.com

Re: Modified Login Control & Roles

06-17-2008, 5:40 PM

Contact

4 point Member
VII-Twilight
Member since 05-24-2008, 4:35 AM
Curacao, Netherlands Antilles
Posts 20

Ok. I'm going to try it. Thnx for your help Smile

Thank you,

Stephany J. Calmes

Re: Modified Login Control & Roles

06-17-2008, 6:14 PM

Contact

Answer

60,874 point All-Star
anas
Member since 09-21-2006, 8:31 AM
Palestinian Territory, Occupied
Posts 6,859

check this thread

are you using the membership database ? or you have your own tables and you want to use asp.net security ? all discussed in this thread .

http://forums.asp.net/p/1272463/2409372.aspx

Regards,

Anas Ghanem | Blog

Re: Modified Login Control & Roles

06-17-2008, 9:51 PM

Contact

Answer

2,622 point Contributor
jpcoliveros
Member since 01-06-2006, 1:54 AM
Philippines
Posts 376

VII-Twilight:
Hi.

If you modify the Login control in the .vb of your Log in file, will you still be able to use roles to secure your site?

Because after I modified the Login control code in .vb file, roles do now seem to take effect

You mean don't?

If you are using the ASP.NET membership, you can validate the user account using the Membership API and still can use the roles defined on your RoleProvider

e.g.

On button click (say of your customized login control)

Dim username as string
Dim password as string
Dim isvalid as boolean

username = textbox1.text 'assuming username textbox has an id of textbox1
password = textbox2.text 'assuming password textbox has an id of textbox2

isvalid = membership.validateuser(username, password)

if isvalid = true then

formsauthentication.setauthcookie(username, true)

'do more logic

' to get the roles associated with the user, you can use the Roles.GetRolesForUser(username) and throw it to a string array

end if

Patrick Oliveros
superpatrick.wordpress.com