Thursday, September 2, 2010

WindowsLogin validation

by Suhasini Balla, .Net Developer

Login Control:
ASP.Net Login Control provides a solution to Login without requiring much programming. It provides you with a ready-to-use user interface that queries the user name and password entered by the user and offers a Log In button for login. It validates user credentials against the membership API and encapsulating the basic forms authentication functionality like redirecting back to the original requested page in a restricted area of you application after the successful login. Here in the below example I used the Login Control to check the username submitted by the user with the Windows User account/Username. It verifies whether the same user who has logged in the system is accessing the application( by using WindowsIdentity).

User identity is a common means of controlling access to a business application or limiting the options available within that application. The .NET Framework classes under the namespace System.Security.Principal are provided to assist in making such role-based security determinations.

//Here is the aspx page where the Login Control is used
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="_Default" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "">

<html xmlns="">
<head runat="server">
<title>Untitled Page</title>
<form id="form1" runat="server">

<asp:Login ID="Login1" runat="server" DestinationPageUrl="~/Form1.aspx"
onauthenticate="Login1_Authenticate" PasswordRequiredErrorMessage="Please enter Password" >

Active Directory:
An active directory is a directory structure used on Microsoft Windows based computers and servers to store information and data about networks and domains.(In order to validate the Username submitted by the user in the Login Control we need the access the Username stored in the Active Directory)
The System.DirectoryServices namespace provides easy access to Active Directory from managed code. System.DirectoryServices offers access to Active Directory through the .NET Framework.
With System.DirectoryServices, you can write applications that access directory services such as Active Directory in managed code in programming languages such as C# and Visual Basic.

Here I am using System.Security.Principal.WindowsIdentity.GetCurrent().Name to get the client machine username,with windows authentication in my Web.Config.
System.Security.Principal namespace defines a principal object that represents the security context under which code is running. The WindowsIdentity class implements the IIdentity interface. It represents the identity of the user based on a method of authentication supported by the Windows operating system. A Windows identity provides the ability to impersonate another user so resources can be accessed on that user's behalf.

Here I am using System.Security.Principal.WindowsIdentity.GetCurrent().Name to get the client machine username,with windows authentication in the Web.Config.

using System;
using System.Text.RegularExpressions;
using System.Configuration;
using System.Data;
using System.DirectoryServices;
using System.Security.Principal;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
public partial class _Default : System.Web.UI.Page
protected void Page_Load(object sender, EventArgs e)

protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
bool Authenticated = false;
Authenticated = ValidateLogin(Login1.UserName, Login1.Password);
e.Authenticated = Authenticated;
if (Authenticated == true)


protected bool ValidateLogin(string UserName, string Password)
bool boolReturnValue = false;
String name = WindowsIdentity.GetCurrent().Name.ToString();
string strname = name.Substring(name.IndexOf("\\")+1);
if ((UserName ==strname))
boolReturnValue = true;
return boolReturnValue;



No comments:

Post a Comment