ClientFormsAuthenticationMembershipProvider.ValidateUser Method (String, String, String)


The .NET API Reference documentation has a new home. Visit the .NET API Browser on to see the new experience.

Authenticates a user at the specified service URI by using the specified user name and password.

Namespace:   System.Web.ClientServices.Providers
Assembly:  System.Web.Extensions (in System.Web.Extensions.dll)

public static bool ValidateUser(
	string username,
	string password,
	string serviceUri


Type: System.String

The name of the user to authenticate.

Type: System.String

The password of the user to authenticate.

Type: System.String

The URI of the authentication service to use.

Return Value

Type: System.Boolean

true if the user was authenticated; otherwise, false.

Exception Condition

The IsOffline property value is false and the membership provider is unable to access the authentication service.

You can use client application services to validate users by using forms authentication. To validate users, you will typically call the static Membership.ValidateUser method, which internally calls the ClientFormsAuthenticationMembershipProvider.ValidateUser method. Alternatively, you can call the ClientFormsAuthenticationMembershipProvider.ValidateUser method directly. You can call this overload to access an authentication service at the location specified by the serviceUri parameter. Using this overload is an alternative to setting the ServiceUri property and calling the ValidateUser(String, String) overload.

The following example code demonstrates how to use this method to validate the user through an authentication service at a specified location. The user credentials are retrieved from login controls in your application code. This example requires a TextBox control named usernameTextBox and a TextBox control named passwordTextBox.

private bool ValidateUsingServiceUri(String serviceUri)
    bool isAuthorized = false;
        // Call the static overload of ValidateUser. Specify credentials 
        // retrieved from login controls and the service location.
        isAuthorized = 
            usernameTextBox.Text, passwordTextBox.Text, serviceUri);
    catch (System.Net.WebException)
        MessageBox.Show("Unable to access the authentication service.",
            "Warning", MessageBoxButtons.OK, MessageBoxIcon.Warning);
    if (!isAuthorized)
        MessageBox.Show("Unable to authenticate.", "Not logged in",
            MessageBoxButtons.OK, MessageBoxIcon.Error);
    return isAuthorized;

.NET Framework
Available since 3.5
Return to top