Export (0) Print
Expand All

SqlMembershipProvider.ValidateUser Method

Verifies that the specified user name and password exist in the SQL Server membership database.

Namespace: System.Web.Security
Assembly: System.Web (in system.web.dll)

public override bool ValidateUser (
	string username,
	string password
)
public boolean ValidateUser (
	String username, 
	String password
)
public override function ValidateUser (
	username : String, 
	password : String
) : boolean
Not applicable.

Parameters

username

The name of the user to validate.

password

The password for the specified user.

Return Value

true if the specified username and password are valid; otherwise, false. A value of false is also returned if the user does not exist in the database.

This method is called by the Membership class to validate user information for a user in the SQL Server database specified in the ASP.NET application's configuration file (Web.config).

When a user is successfully validated, the last activity date and last sign-in date values are updated to the current date and time in the database.

If an incorrect password is supplied to the ValidateUser method, the internal counter that tracks invalid password attempts is incremented by one. This can result in the user being locked out and unable to log on until the lock status is cleared by a call to the UnlockUser method. If the correct password is supplied and the user is not currently locked out, then the internal counters that track invalid password and password-answer attempts are reset to zero. For more information, see the MaxInvalidPasswordAttempts and PasswordAttemptWindow properties.

Leading and trailing spaces are trimmed from all parameter values.

The following code example shows the sign-in page for an ASP.NET application configured to use forms authentication and the SqlMembershipProvider. If the supplied user credentials are invalid, a message is displayed to the user. Otherwise, the user is redirected to the originally requested URL using the RedirectFromLoginPage method.

NoteNote:

This example uses the Membership class to call the SqlMembershipProvider specified as the defaultProvider in the Web.config file. If you need to access the default provider as the type SqlMembershipProvider, you can cast the Provider property of the Membership class. To access other configured providers as a specific provider type, you can access them by their configured name with the Providers property of the Membership class and cast them as the specific provider type.

<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

public void Login_OnClick(object sender, EventArgs args)
{
   if (Membership.ValidateUser(UsernameTextbox.Text, PasswordTextbox.Text))
      FormsAuthentication.RedirectFromLoginPage(UsernameTextbox.Text, NotPublicCheckBox.Checked);
   else
     Msg.Text = "Login failed. Please check your user name and password and try again.";
}


</script>

<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
  <title>Login</title>
</head>
<body>

<form id="form1" runat="server">
  <h3>Login</h3>

  <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />

  Username: <asp:Textbox id="UsernameTextbox" runat="server" /><br />
  Password: <asp:Textbox id="PasswordTextbox" runat="server" TextMode="Password" /><br />
 
  <asp:Button id="LoginButton" Text="Login" OnClick="Login_OnClick" runat="server" />
  <asp:CheckBox id="NotPublicCheckBox" runat="server" /> 
  Check here if this is <span style="text-decoration:underline">not</span> a public computer.

</form>

</body>
</html>

Windows 98, Windows Server 2000 SP4, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition

The Microsoft .NET Framework 3.0 is supported on Windows Vista, Microsoft Windows XP SP2, and Windows Server 2003 SP1.

.NET Framework

Supported in: 3.0, 2.0

Community Additions

ADD
Show:
© 2014 Microsoft