by luisabreu via LA.NET [EN] on 3/7/2007 3:17:03 PM
As we all know, it's possible to reuse the ASP.NET authentication services and perform the authentication of the credentials of a user from the client side by using the Sys.Service._AuthenticationService class (a global object is inserted in all AJAX pages - Sys.Service.AuthenticationService - which you can use to login or logout a user). By default, this client class makes a specific web service call which AJAX knows how to handle in the server side (btw, the internal AuthenticationService class is responsible for performing these operations).
If you're curious, you've already checked the code of that class and you know that it leverages the membership provider pattern introduced by ASP.NET 2.0 - ie, it uses the Membership class to perform the authentication of a user). If you need to customize how the user validation is done, you may be thinking that building your own membership provider is your only chance. Though this works, it may be overkill if you've got a simple scenario and don't want to create a new membership provider. In these cases, you can build your own web service which performs the validation of the user's credentials. You only need to garantee that the service exposes two methods (Login and Logout) which receive the correct number and type of parameters. Here's a very simple example of how you can build such a service:
[WebService(Namespace = http://tempuri.org/)][WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)][System.Web.Script.Services.ScriptService]public class CustomLogin : System.Web.Services.WebService { [WebMethod] public bool Login(string userName, string password, bool createPersistentCookie ) { if (string.CompareOrdinal(userName, "luis") == 0 && string.CompareOrdinal(password, luis123") == 0) { FormsAuthentication.SetAuthCookie(userName, createPersistentCookie); return true; } return false; }
[WebMethod] public void Logout() { FormsAuthentication.SignOut(); } }
Building a custom authentication service is really simple: you only need to set the authentication cookie when the credentials of the user are correct and delete that cookie when the user performs a logout operation. After doing that, you must change the default path to the service by setting the Path property of the AuthenticationServiceManager class:
<asp:ScriptManager runat="server" id="manager"> <Scripts> <AuthenticationService Path="web_service_path" /> </Scripts></asp:ScriptManager>
If you're only using client code, you must use the path property of the global AuthenticationService object like this:
Sys.Services.AuthenticationService.set_path( "web service path goes here" );
Original Post: Building a custom authentication service in AJAX
The content of the postings is owned by the respective author. CSharpFeeds is not responsible for the contents of the postings. This site is automatically generated and cannot be reviewed for abusive content. If you find abusive content on CSharpFeeds, please contact us. Designated trademarks and brands are the property of their respective owners. All rights reserved.
