ValidateUser Method

Membership.ValidateUser Method (String, String)


Verifies that the supplied user name and password are valid.

Namespace:   System.Web.Security
Assembly:  System.Web (in System.Web.dll)

public static bool ValidateUser(
	string username,
	string password


Type: System.String

The name of the user to be validated.

Type: System.String

The password for the specified user.

Return Value

Type: System.Boolean

true if the supplied user name and password are valid; otherwise, false.

ValidateUser provides an easy way to verify a user name and password from the data source. Note that, if the username parameter is empty or null, an HttpException is thrown.

The following code example shows the login page for an ASP.NET application configured to use forms authentication and the Membership class. If the supplied user credentials are invalid, a message is displayed to the user. Otherwise, the user is redirected to the originally requested URL by the RedirectFromLoginPage method.

System_CAPS_security Security Note

This example contains a text box that accepts user input, which is a potential security threat. By default, ASP.NET Web pages validate that user input does not include script or HTML elements. For more information, see Script Exploits Overview.

.NET Framework
Available since 2.0
Return to top
© 2015 Microsoft