Export (0) Print
Expand All
16 out of 39 rated this helpful - Rate this topic

Login Class

Note: This class is new in the .NET Framework version 2.0.

Provides user interface (UI) elements for logging in to a Web site.

Namespace: System.Web.UI.WebControls
Assembly: System.Web (in system.web.dll)

[BindableAttribute(false)] 
public class Login : CompositeControl
/** @attribute BindableAttribute(false) */ 
public class Login extends CompositeControl
BindableAttribute(false) 
public class Login extends CompositeControl

The Login control is a composite control that provides all the common UI elements needed to authenticate a user on a Web site. The following three elements are required for all login scenarios:

  • A unique user name to identify the user.

  • A password to verify the identity of the user.

  • A login button to send the login information to the server.

The Login control also provides the following optional UI elements that support additional functions:

  • A link for a password reminder.

  • A Remember Me checkbox for retaining the login information between sessions.

  • A Help link for users who are having trouble logging in.

  • A Register New User link that redirects users to a registration page.

  • Instruction text that appears on the login form.

  • Custom error text that appears when the user clicks the login button without filling in the user name or password fields.

  • Custom error text that appears if the login fails.

  • A custom action that occurs when login succeeds.

  • A way to hide the login control if the user is already logged in to the site.

For a table showing which controls are required and which are optional, see LayoutTemplate property.

Security noteSecurity Note

Accepting user input is a potential security threat. Malicious users can send data that is intended to expose vulnerabilities or run programs that try generated passwords. To improve security when working with user input, you should use the validation features of your control and secure any data providers that are configured for your control. For more information, see Securing Login Controls, Basic Security Practices for Web Applications, and Securing Membership.

The Login control uses a membership provider to obtain user credentials. Unless you specify otherwise, the Login control uses the default membership provider defined in the Web.config file. To specify a different provider, set the MembershipProvider property to one of the membership provider names defined in your application's Web.config file. For more information, see Membership Providers.

If you want to use a custom authentication service, you can use the OnAuthenticate method to call the service.

Styles and Templates

The appearance of the Login control is fully customizable through templates and style settings. All UI text messages are also customizable through properties of the Login class. The default interface text is automatically localized based on the locale setting on the server.

If the Login control is customized with templates, then the AccessKey property and the TabIndex property are ignored. In this case, set the AccessKey property and the TabIndex property of each template child control directly.

Login control properties represented by text boxes, such as UserName and Password, are accessible during all phases of the page life cycle. The control will pick up any changes made by the end user by means of the TextChanged event triggered by the textboxes.

NoteNote

If you embed the Login control in a WizardStep object, explicitly set the ActiveStepIndex property in a Page_Load event handler if the user is authenticated. The Wizard control does not automatically advance to the next WizardStep object in this scenario.

The following table lists the Login control style properties and explains which UI element each style property affects. For a list of which properties each style applies to, see the documentation for the individual style properties.

Style property

UI element affected

BorderPadding

The space between the control contents and the control's border.

CheckBoxStyle

Remember Me checkbox.

FailureTextStyle

Login failure text.

InstructionTextStyle

Instructional text on the page that tells users how to use the control.

LabelStyle

Labels for all input fields, such as text boxes.

TextBoxStyle

Text entry input fields.

TitleTextStyle

Title text.

ValidatorTextStyle

Text displayed to the user when a login attempt is unsuccessful due to validation errors.

HyperLinkStyle

Links to other pages.

LoginButtonStyle

Login button.

Validation Groupings

The UserName and Password properties have RequiredFieldValidator controls associated with them to prevent users from submitting the page without providing required information.

The Login control uses a validation group so that other fields on the same page as the Login control can be validated separately. By default, the ID property of the Login control is used as the name of the validation group. For example, a Login control with the ID "Login1" will use a validation group name of "Login1". If you want to set the validation group that the Login control is part of, you must template the control and change the validation group name.

Accessibility

The markup rendered by default for this control might not conform to accessibility standards such as the Web Content Accessibility Guidelines 1.0 (WCAG) priority 1 guidelines. For details about accessibility support for this control, see ASP.NET Controls and Accessibility.

TopicLocation
How to: Build and Run the Profile Provider ExampleBuilding ASP .NET Web Applications
How to: Use Advanced Features of the ASP.NET Login ControlBuilding ASP .NET Web Applications
How to: Create an ASP.NET Login PageBuilding ASP .NET Web Applications
How to: Build and Run the Profile Provider ExampleBuilding ASP .NET Web Applications
How to: Use Advanced Features of the ASP.NET Login ControlBuilding ASP .NET Web Applications
How to: Create an ASP.NET Login PageBuilding ASP .NET Web Applications
Walkthrough: Creating a Web Site with Membership and User Login (Visual Studio)Building ASP .NET Web Applications in Visual Studio
How to: Create an ASP.NET Login PageBuilding ASP .NET Web Applications in Visual Studio

The following code example uses a Login control to provide a UI for logging in to a Web site.

<%@ Page Language="C#" %>
<%@ Import Namespace="System.ComponentModel" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<SCRIPT runat="server">
bool IsValidEmail(string strIn)
{
    // Return true if strIn is in valid e-mail format.
    return Regex.IsMatch(strIn, @"^([\w-\.]+)@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([\w-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$"); 
}

void OnLoggingIn(object sender, System.Web.UI.WebControls.LoginCancelEventArgs e)
{
    if (!IsValidEmail(Login1.UserName))
    {
        Login1.InstructionText = "Enter a valid e-mail address.";
        Login1.InstructionTextStyle.ForeColor = System.Drawing.Color.RosyBrown;
        e.Cancel = true;
    }
    else
    {
        Login1.InstructionText = String.Empty;
    }
}

void OnLoginError(object sender, EventArgs e)
{
    Login1.HelpPageText = "Help with logging in...";
    Login1.PasswordRecoveryText = "Forgot your password?";
}
</SCRIPT>

<HTML>
    <BODY>
        <FORM runat="server">
            <asp:Login id="Login1" runat="server" 
                BorderStyle="Solid" 
                BackColor="#F7F7DE" 
                BorderWidth="1px"
                BorderColor="#CCCC99" 
                Font-Size="10pt" 
                Font-Names="Verdana" 
                CreateUserText="Create a new user..."
                CreateUserUrl="newUser.aspx" 
                HelpPageUrl="help.aspx"
                PasswordRecoveryUrl="getPass.aspx" 
                UserNameLabelText="E-mail address:" 
                OnLoggingIn=OnLoggingIn
                OnLoginError=OnLoginError >
                <TitleTextStyle Font-Bold="True" 
                    ForeColor="#FFFFFF" 
                    BackColor="#6B696B">
                </TitleTextStyle>
            </asp:Login>

        </FORM>
    </BODY>
</HTML>

The following code example demonstrates how you can extend the Login control. The CustomLogin control includes a DropDownList control that lets users choose which membership provider they are authenticated with. (These providers are configured in Web.config.) In the OnLoggingIn method, the MembershipProvider property is set to the selected value of the DropDownList control.

using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;

namespace Samples.AspNet.Controls
{
    public sealed class CustomLogin : Login
    {
        public CustomLogin() { }
        
        protected override void OnLoggingIn(LoginCancelEventArgs e)
        {
            // Set the Membership provider for the Login control from a DropDownList.
            DropDownList list = (DropDownList)this.FindControl("domain");
            this.MembershipProvider = list.SelectedValue;
            base.OnLoggingIn(e);
        }
        
        protected override void CreateChildControls()
        {
            LayoutTemplate = new MyTemplate();
            base.CreateChildControls();
        }
    }
    
    // A Template that contains the child controls.
    public class MyTemplate : ITemplate
    {
        void ITemplate.InstantiateIn(Control container)
        {
            // A TextBox for the user name.
            TextBox username = new TextBox();
            username.ID = "username";
            
            // A TextBox for the password.
            TextBox password = new TextBox();
            password.ID = "password";
            
            // A CheckBox to remember the user on subsequent visits.
            CheckBox remember = new CheckBox();
            remember.ID = "RememberMe";
            remember.Text = "Don't forget me!";
            
            // Failure Text.
            Literal failure = new Literal();
            failure.ID = "FailureText";
            
            // A DropDownList to choose the Membership provider.
            DropDownList domain = new DropDownList();
            domain.ID = "Domain";
            domain.Items.Add(new ListItem("SqlMembers"));
            domain.Items.Add(new ListItem("SqlMembers2"));
            
            // A Button to log in.
            Button submit = new Button();
            submit.CommandName = "login";
            submit.Text = "LOGIN";

            container.Controls.Add(new LiteralControl("UserName:"));
            container.Controls.Add(username);
            container.Controls.Add(new LiteralControl("<br>Password:"));
            container.Controls.Add(password);
            container.Controls.Add(new LiteralControl("<br>"));
            container.Controls.Add(remember);
            container.Controls.Add(new LiteralControl("<br>Domain:"));
            container.Controls.Add(domain);
            container.Controls.Add(new LiteralControl("<br>"));
            container.Controls.Add(failure);
            container.Controls.Add(new LiteralControl("<br>"));
            container.Controls.Add(submit);
        }
    }    
}

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Windows 98, Windows 2000 SP4, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see System Requirements.

.NET Framework

Supported in: 2.0
Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.