How to: Implement User Login with Client Application Services

You can use client application services to validate users through an existing Microsoft Ajax profile service. For information about how to set up the Microsoft Ajax profile service, see Using Forms Authentication with Microsoft Ajax.

The following procedures describe how to validate users through the authentication service when your application is configured to use one of the client authentication service providers. For more information, see How to: Configure Client Application Services.

You will typically perform all validation through the static Membership.ValidateUser method. This method manages the interaction with the authentication service through the configured authentication provider. For more information, see Client Application Services Overview.

The forms authentication procedures require access to a running Microsoft Ajax authentication service. For guidance on end-to-end testing of client application services features, see Walkthrough: Using Client Application Services.

To authenticate a user with forms authentication using a membership credentials provider

1. Implement the IClientFormsAuthenticationCredentialsProvider interface. The following code example shows a IClientFormsAuthenticationCredentialsProvider.GetCredentials implementation for a login dialog box class derived from System.Windows.Forms.Form. This dialog box has text boxes for user name and password and a "remember me" check box. When the client authentication provider calls the GetCredentials method, the form is displayed. When the user fills in the information in the login dialog box and clicks OK, the specified values are returned in a new ClientFormsAuthenticationCredentials object.

   Public Function GetCredentials() As  _
       ClientFormsAuthenticationCredentials Implements _
       IClientFormsAuthenticationCredentialsProvider.GetCredentials
   
       If Me.ShowDialog() = DialogResult.OK Then
           Return New ClientFormsAuthenticationCredentials( _
               UsernameTextBox.Text, PasswordTextBox.Text, _
               rememberMeCheckBox.Checked)
       Else
           Return Nothing
       End If
   
   End Function
   

   public ClientFormsAuthenticationCredentials GetCredentials()
   {
       if (this.ShowDialog() == DialogResult.OK)
       {
           return new ClientFormsAuthenticationCredentials(
               usernameTextBox.Text, passwordTextBox.Text,
               rememberMeCheckBox.Checked);
       }
       else
       {
           return null;
       }
   }
   

2. Call the static Membership.ValidateUser method and pass in empty strings as the parameter values. When you specify empty strings, this method internally calls the GetCredentials method for the credentials provider configured for your application. The following code example calls this method to restrict access to an entire Windows Forms application. You can add this code to a Form.Load handler.

   If Not System.Web.Security.Membership.ValidateUser( _
       String.Empty, String.Empty) Then
   
       MessageBox.Show("Unable to authenticate.", "Not logged in", _
           MessageBoxButtons.OK, MessageBoxIcon.Error)
       Application.Exit()
   
   End If
   

   if (!System.Web.Security.Membership.ValidateUser(
       String.Empty, String.Empty))
   {
       MessageBox.Show("Unable to authenticate.", "Not logged in",
           MessageBoxButtons.OK, MessageBoxIcon.Error);
       Application.Exit();
   }
   

To authenticate a user with forms authentication without using a membership credentials provider

• Call the static Membership.ValidateUser method and pass in user name and password values retrieved from the user.

  If Not System.Web.Security.Membership.ValidateUser( _
      usernameTextBox.Text, passwordTextBox.Text) Then
  
      MessageBox.Show("Unable to authenticate.", "Not logged in", _
              MessageBoxButtons.OK, MessageBoxIcon.Error)
      Application.Exit()
  
  End If
  

  if (!System.Web.Security.Membership.ValidateUser(
      usernameTextBox.Text, passwordTextBox.Text))
  {
      MessageBox.Show("Unable to authenticate.", "Not logged in",
          MessageBoxButtons.OK, MessageBoxIcon.Error);
      Application.Exit();
  }
  

To authenticate a user with Windows authentication

• Call the static Membership.ValidateUser method and pass empty strings for the parameters. This method call will always return true and will add a cookie to the user's cookie cache that contains the Windows identity.

  System.Web.Security.Membership.ValidateUser( _
      String.Empty, String.Empty)
  

  System.Web.Security.Membership.ValidateUser(
      String.Empty, String.Empty);
  

Robust Programming

The example code in this topic demonstrates the simplest usages of authentication in a Windows client application. When you call the static Membership.ValidateUser method with client application services and forms authentication, however, your code can throw a WebException. This indicates that the authentication service is unavailable. For an example of how to handle this exception, see Walkthrough: Using Client Application Services.

See Also

Tasks

How to: Configure Client Application Services

Walkthrough: Using Client Application Services

Concepts

Client Application Services Overview

Using Forms Authentication with Microsoft Ajax

Other Resources

Client Application Services