public static bool Authenticate(string name, string password) { if (name == null || password == null) { return(false); } Initialize(); HttpContext context = HttpContext.Current; if (context == null) { throw new HttpException("Context is null!"); } name = name.ToLower(Helpers.InvariantCulture); #if NET_2_0 AuthenticationSection section = (AuthenticationSection)WebConfigurationManager.GetSection(authConfigPath); FormsAuthenticationCredentials config = section.Forms.Credentials; FormsAuthenticationUser user = config.Users[name]; string stored = null; if (user != null) { stored = user.Password; } #else AuthConfig config = context.GetConfig(authConfigPath) as AuthConfig; Hashtable users = config.CredentialUsers; string stored = users [name] as string; #endif if (stored == null) { return(false); } bool caseInsensitive = true; switch (config.PasswordFormat) { case FormsAuthPasswordFormat.Clear: caseInsensitive = false; /* Do nothing */ break; case FormsAuthPasswordFormat.MD5: password = HashPasswordForStoringInConfigFile(password, FormsAuthPasswordFormat.MD5); break; case FormsAuthPasswordFormat.SHA1: password = HashPasswordForStoringInConfigFile(password, FormsAuthPasswordFormat.MD5); break; } #if NET_2_0 return(String.Compare(password, stored, caseInsensitive ? StringComparison.OrdinalIgnoreCase : StringComparison.Ordinal) == 0); #else return(String.Compare(password, stored, caseInsensitive, Helpers.InvariantCulture) == 0); #endif }
protected FormsAuthenticationUserCollection getUsers() { if (_users == null) { AuthenticationSection section = getAuthenticationSection(); FormsAuthenticationCredentials creds = section.Forms.Credentials; _users = section.Forms.Credentials.Users; } return(_users); }
public static bool FormsAuthenticate(string userName, string password) { bool authenticated = false; switch (Mode) { case AuthenticationMode.None: AuthenticationSection authenticationSection = GetAuthenticationSection(); if (authenticationSection.Mode == System.Web.Configuration.AuthenticationMode.Forms && authenticationSection.Forms != null && authenticationSection.Forms.Credentials != null) { FormsAuthenticationCredentials credentials = authenticationSection.Forms.Credentials; if (credentials.Users.Count > 0) { if (credentials.PasswordFormat == FormsAuthPasswordFormat.SHA1) { password = HashPasswordForWebConfig(password); } authenticated = String.Compare(userName, credentials.Users[0].Name, true) == 0 && String.Compare(password, credentials.Users[0].Password) == 0; } } break; case AuthenticationMode.Database: using (OleDbConnection connection = AppContext.GetDatabaseConnection()) { string sql = String.Format("select count(*) from {0}User where UserName = ? and Password = ? and Active = 1", WebConfigSettings.ConfigurationTablePrefix); using (OleDbCommand command = new OleDbCommand(sql, connection)) { command.Parameters.Add("@1", OleDbType.VarWChar).Value = userName; command.Parameters.Add("@2", OleDbType.VarWChar).Value = password; authenticated = Convert.ToInt32(command.ExecuteScalar()) > 0; if (!authenticated) { command.Parameters[2].Value = HashPassword(password); authenticated = Convert.ToInt32(command.ExecuteScalar()) > 0; } } } break; } return(authenticated); }
public static void Main() { // <Snippet1> // Get the Web application configuration. System.Configuration.Configuration configuration = WebConfigurationManager.OpenWebConfiguration("/aspnetTest"); // Get the authentication section. AuthenticationSection authenticationSection = (AuthenticationSection)configuration.GetSection( "system.web/authentication"); // Get the forms credentials collection . FormsAuthenticationCredentials formsAuthenticationCredentials = authenticationSection.Forms.Credentials; // </Snippet1> // <Snippet2> // Create a new FormsAuthenticationCredentials object. FormsAuthenticationCredentials newformsAuthenticationCredentials = new FormsAuthenticationCredentials(); // </Snippet2> // <Snippet3> // Get the current PasswordFormat property value. FormsAuthPasswordFormat currentPasswordFormat = formsAuthenticationCredentials.PasswordFormat; // Set the PasswordFormat property value. formsAuthenticationCredentials.PasswordFormat = FormsAuthPasswordFormat.SHA1; // </Snippet3> // <Snippet4> // Create a new FormsAuthenticationUserCollection object. FormsAuthenticationUserCollection newformsAuthenticationUser = new FormsAuthenticationUserCollection(); // </Snippet4> // <Snippet5> // Display all credentials collection elements. StringBuilder credentials = new StringBuilder(); for (System.Int32 i = 0; i < formsAuthenticationCredentials.Users.Count; i++) { credentials.Append("User: "******"Password: "******"5BAA61E4C9B93F3F0682250B6CF8331B7EE68FD8"; // Define the user name. string userName = "******"; // Create the new user. FormsAuthenticationUser currentUser = new FormsAuthenticationUser(userName, password); // Execute the Add method. formsAuthenticationCredentials.Users.Add(currentUser); // Update if not locked if (!authenticationSection.SectionInformation.IsLocked) { configuration.Save(); } // </Snippet6> // <Snippet7> // Using method Clear. formsAuthenticationCredentials.Users.Clear(); // Update if not locked if (!authenticationSection.SectionInformation.IsLocked) { configuration.Save(); } // </Snippet7> // <Snippet9> // Using method Remove. // Execute the Remove method. formsAuthenticationCredentials.Users.Remove("userName"); // Update if not locked if (!authenticationSection.SectionInformation.IsLocked) { configuration.Save(); } // </Snippet9> // <Snippet10> // Using method RemoveAt. formsAuthenticationCredentials.Users.RemoveAt(0); if (!authenticationSection.SectionInformation.IsLocked) { configuration.Save(); } // </Snippet10> // <Snippet11> // Using method Set. // Define the SHA1 encrypted password. string newPassword = "******"; // Define the user name. string currentUserName = "******"; // Create the new user. FormsAuthenticationUser theUser = new FormsAuthenticationUser(currentUserName, newPassword); formsAuthenticationCredentials.Users.Set(theUser); if (!authenticationSection.SectionInformation.IsLocked) { configuration.Save(); } // </Snippet11> // <Snippet12> // Get the user with the specified name. FormsAuthenticationUser storedUser = formsAuthenticationCredentials.Users.Get("userName"); // </Snippet12> // <Snippet13> // Get the user at the specified index. FormsAuthenticationUser storedUser2 = formsAuthenticationCredentials.Users.Get(0); // </Snippet13> // <Snippet14> // Get the key at the specified index. string thisKey = formsAuthenticationCredentials.Users.GetKey(0).ToString(); // </Snippet14> // <Snippet15> // Get the user element at the specified index. FormsAuthenticationUser storedUser3 = formsAuthenticationCredentials.Users[0]; // </Snippet15> // <Snippet16> // Get the user element with the specified name. FormsAuthenticationUser storedUser4 = formsAuthenticationCredentials.Users["userName"]; // </Snippet16> // <Snippet17> // Get the collection keys. object [] keys = formsAuthenticationCredentials.Users.AllKeys; // </Snippet17> }
public static void Main() { // <Snippet1> // Get the Web application configuration. System.Configuration.Configuration configuration = WebConfigurationManager.OpenWebConfiguration("/aspnetTest"); // Get the external Authentication section. AuthenticationSection authenticationSection = (AuthenticationSection)configuration.GetSection( "system.web/authentication"); // Get the external Forms section . FormsAuthenticationConfiguration formsAuthentication = authenticationSection.Forms; //</Snippet1> // <Snippet2> // Create a new FormsAuthentication object. FormsAuthenticationConfiguration newformsAuthentication = new FormsAuthenticationConfiguration(); // </Snippet2> // <Snippet3> // Get the current LoginUrl. string currentLoginUrl = formsAuthentication.LoginUrl; // Set the LoginUrl. formsAuthentication.LoginUrl = "newLoginUrl"; // </Snippet3> // <Snippet4> // Get current DefaultUrl. string currentDefaultUrl = formsAuthentication.DefaultUrl; // Set current DefaultUrl. formsAuthentication.DefaultUrl = "newDefaultUrl"; // </Snippet4> // <Snippet5> // Get current Cookieless. System.Web.HttpCookieMode currentCookieless = formsAuthentication.Cookieless; // Set current Cookieless. formsAuthentication.Cookieless = HttpCookieMode.AutoDetect; // </Snippet5> // <Snippet6> // Get the current Domain. string currentDomain = formsAuthentication.Domain; // Set the current Domain formsAuthentication.Domain = "newDomain"; // </Snippet6> // <Snippet7> // Get the current SlidingExpiration. bool currentSlidingExpiration = formsAuthentication.SlidingExpiration; // Set the SlidingExpiration. formsAuthentication.SlidingExpiration = false; // </Snippet7> // <Snippet8> // Get the current EnableCrossAppRedirects. bool currentEnableCrossAppRedirects = formsAuthentication.EnableCrossAppRedirects; // Set the EnableCrossAppRedirects. formsAuthentication.EnableCrossAppRedirects = false; // </Snippet8> // <Snippet9> // Get the current Path. string currentPath = formsAuthentication.Path; // Set the Path property. formsAuthentication.Path = "newPath"; // </Snippet9> // <Snippet10> // Get the current Timeout. System.TimeSpan currentTimeout = formsAuthentication.Timeout; // Set the Timeout. formsAuthentication.Timeout = System.TimeSpan.FromMinutes(10); // </Snippet10> // <Snippet11> // Get the current Protection. FormsProtectionEnum currentProtection = formsAuthentication.Protection; // Set the Protection property. formsAuthentication.Protection = FormsProtectionEnum.All; // </Snippet11> // <Snippet12> // Get the current RequireSSL. bool currentRequireSSL = formsAuthentication.RequireSSL; // Set the RequireSSL property value. formsAuthentication.RequireSSL = true; // </Snippet12> // <Snippet13> // Get the current Name property value. string currentName = formsAuthentication.Name; // Set the Name property value. formsAuthentication.Name = "newName"; // </Snippet13> // <Snippet14> // Get the current Credentials. FormsAuthenticationCredentials currentCredentials = formsAuthentication.Credentials; StringBuilder credentials = new StringBuilder(); // Get all the credentials. for (System.Int32 i = 0; i < currentCredentials.Users.Count; i++) { credentials.Append("Name: " + currentCredentials.Users[i].Name + " Password: " + currentCredentials.Users[i].Password); credentials.Append(Environment.NewLine); } // </Snippet14> }