public static bool Authenticate(string name, string password)
{
if (name == null || password == null)
{
return(false);
}
Initialize();
HttpContext context = HttpContext.Current;
if (context == null)
{
throw new HttpException("Context is null!");
}
name = name.ToLower(Helpers.InvariantCulture);
#if NET_2_0
AuthenticationSection section = (AuthenticationSection)WebConfigurationManager.GetSection(authConfigPath);
FormsAuthenticationCredentials config = section.Forms.Credentials;
FormsAuthenticationUser user = config.Users[name];
string stored = null;
if (user != null)
{
stored = user.Password;
}
#else
AuthConfig config = context.GetConfig(authConfigPath) as AuthConfig;
Hashtable users = config.CredentialUsers;
string stored = users [name] as string;
#endif
if (stored == null)
{
return(false);
}
bool caseInsensitive = true;
switch (config.PasswordFormat)
{
case FormsAuthPasswordFormat.Clear:
caseInsensitive = false;
/* Do nothing */
break;
case FormsAuthPasswordFormat.MD5:
password = HashPasswordForStoringInConfigFile(password, FormsAuthPasswordFormat.MD5);
break;
case FormsAuthPasswordFormat.SHA1:
password = HashPasswordForStoringInConfigFile(password, FormsAuthPasswordFormat.MD5);
break;
}
#if NET_2_0
return(String.Compare(password, stored, caseInsensitive ? StringComparison.OrdinalIgnoreCase : StringComparison.Ordinal) == 0);
#else
return(String.Compare(password, stored, caseInsensitive, Helpers.InvariantCulture) == 0);
#endif
}
protected FormsAuthenticationUserCollection getUsers()
{
if (_users == null)
{
AuthenticationSection section = getAuthenticationSection();
FormsAuthenticationCredentials creds = section.Forms.Credentials;
_users = section.Forms.Credentials.Users;
}
return(_users);
}
public static bool FormsAuthenticate(string userName, string password)
{
bool authenticated = false;
switch (Mode)
{
case AuthenticationMode.None:
AuthenticationSection authenticationSection = GetAuthenticationSection();
if (authenticationSection.Mode == System.Web.Configuration.AuthenticationMode.Forms && authenticationSection.Forms != null && authenticationSection.Forms.Credentials != null)
{
FormsAuthenticationCredentials credentials = authenticationSection.Forms.Credentials;
if (credentials.Users.Count > 0)
{
if (credentials.PasswordFormat == FormsAuthPasswordFormat.SHA1)
{
password = HashPasswordForWebConfig(password);
}
authenticated = String.Compare(userName, credentials.Users[0].Name, true) == 0 && String.Compare(password, credentials.Users[0].Password) == 0;
}
}
break;
case AuthenticationMode.Database:
using (OleDbConnection connection = AppContext.GetDatabaseConnection())
{
string sql = String.Format("select count(*) from {0}User where UserName = ? and Password = ? and Active = 1", WebConfigSettings.ConfigurationTablePrefix);
using (OleDbCommand command = new OleDbCommand(sql, connection))
{
command.Parameters.Add("@1", OleDbType.VarWChar).Value = userName;
command.Parameters.Add("@2", OleDbType.VarWChar).Value = password;
authenticated = Convert.ToInt32(command.ExecuteScalar()) > 0;
if (!authenticated)
{
command.Parameters[2].Value = HashPassword(password);
authenticated = Convert.ToInt32(command.ExecuteScalar()) > 0;
}
}
}
break;
}
return(authenticated);
}
public static void Main()
{
// <Snippet1>
// Get the Web application configuration.
System.Configuration.Configuration configuration =
WebConfigurationManager.OpenWebConfiguration("/aspnetTest");
// Get the authentication section.
AuthenticationSection authenticationSection =
(AuthenticationSection)configuration.GetSection(
"system.web/authentication");
// Get the forms credentials collection .
FormsAuthenticationCredentials formsAuthenticationCredentials =
authenticationSection.Forms.Credentials;
// </Snippet1>
// <Snippet2>
// Create a new FormsAuthenticationCredentials object.
FormsAuthenticationCredentials newformsAuthenticationCredentials =
new FormsAuthenticationCredentials();
// </Snippet2>
// <Snippet3>
// Get the current PasswordFormat property value.
FormsAuthPasswordFormat currentPasswordFormat =
formsAuthenticationCredentials.PasswordFormat;
// Set the PasswordFormat property value.
formsAuthenticationCredentials.PasswordFormat =
FormsAuthPasswordFormat.SHA1;
// </Snippet3>
// <Snippet4>
// Create a new FormsAuthenticationUserCollection object.
FormsAuthenticationUserCollection newformsAuthenticationUser =
new FormsAuthenticationUserCollection();
// </Snippet4>
// <Snippet5>
// Display all credentials collection elements.
StringBuilder credentials = new StringBuilder();
for (System.Int32 i = 0;
i < formsAuthenticationCredentials.Users.Count;
i++)
{
credentials.Append("User: "******"Password: "******"5BAA61E4C9B93F3F0682250B6CF8331B7EE68FD8";
// Define the user name.
string userName = "******";
// Create the new user.
FormsAuthenticationUser currentUser =
new FormsAuthenticationUser(userName, password);
// Execute the Add method.
formsAuthenticationCredentials.Users.Add(currentUser);
// Update if not locked
if (!authenticationSection.SectionInformation.IsLocked)
{
configuration.Save();
}
// </Snippet6>
// <Snippet7>
// Using method Clear.
formsAuthenticationCredentials.Users.Clear();
// Update if not locked
if (!authenticationSection.SectionInformation.IsLocked)
{
configuration.Save();
}
// </Snippet7>
// <Snippet9>
// Using method Remove.
// Execute the Remove method.
formsAuthenticationCredentials.Users.Remove("userName");
// Update if not locked
if (!authenticationSection.SectionInformation.IsLocked)
{
configuration.Save();
}
// </Snippet9>
// <Snippet10>
// Using method RemoveAt.
formsAuthenticationCredentials.Users.RemoveAt(0);
if (!authenticationSection.SectionInformation.IsLocked)
{
configuration.Save();
}
// </Snippet10>
// <Snippet11>
// Using method Set.
// Define the SHA1 encrypted password.
string newPassword =
"******";
// Define the user name.
string currentUserName = "******";
// Create the new user.
FormsAuthenticationUser theUser =
new FormsAuthenticationUser(currentUserName, newPassword);
formsAuthenticationCredentials.Users.Set(theUser);
if (!authenticationSection.SectionInformation.IsLocked)
{
configuration.Save();
}
// </Snippet11>
// <Snippet12>
// Get the user with the specified name.
FormsAuthenticationUser storedUser =
formsAuthenticationCredentials.Users.Get("userName");
// </Snippet12>
// <Snippet13>
// Get the user at the specified index.
FormsAuthenticationUser storedUser2 =
formsAuthenticationCredentials.Users.Get(0);
// </Snippet13>
// <Snippet14>
// Get the key at the specified index.
string thisKey = formsAuthenticationCredentials.Users.GetKey(0).ToString();
// </Snippet14>
// <Snippet15>
// Get the user element at the specified index.
FormsAuthenticationUser storedUser3 =
formsAuthenticationCredentials.Users[0];
// </Snippet15>
// <Snippet16>
// Get the user element with the specified name.
FormsAuthenticationUser storedUser4 =
formsAuthenticationCredentials.Users["userName"];
// </Snippet16>
// <Snippet17>
// Get the collection keys.
object [] keys =
formsAuthenticationCredentials.Users.AllKeys;
// </Snippet17>
}
public static void Main()
{
// <Snippet1>
// Get the Web application configuration.
System.Configuration.Configuration configuration =
WebConfigurationManager.OpenWebConfiguration("/aspnetTest");
// Get the external Authentication section.
AuthenticationSection authenticationSection =
(AuthenticationSection)configuration.GetSection(
"system.web/authentication");
// Get the external Forms section .
FormsAuthenticationConfiguration formsAuthentication =
authenticationSection.Forms;
//</Snippet1>
// <Snippet2>
// Create a new FormsAuthentication object.
FormsAuthenticationConfiguration newformsAuthentication =
new FormsAuthenticationConfiguration();
// </Snippet2>
// <Snippet3>
// Get the current LoginUrl.
string currentLoginUrl = formsAuthentication.LoginUrl;
// Set the LoginUrl.
formsAuthentication.LoginUrl = "newLoginUrl";
// </Snippet3>
// <Snippet4>
// Get current DefaultUrl.
string currentDefaultUrl =
formsAuthentication.DefaultUrl;
// Set current DefaultUrl.
formsAuthentication.DefaultUrl = "newDefaultUrl";
// </Snippet4>
// <Snippet5>
// Get current Cookieless.
System.Web.HttpCookieMode currentCookieless =
formsAuthentication.Cookieless;
// Set current Cookieless.
formsAuthentication.Cookieless =
HttpCookieMode.AutoDetect;
// </Snippet5>
// <Snippet6>
// Get the current Domain.
string currentDomain =
formsAuthentication.Domain;
// Set the current Domain
formsAuthentication.Domain = "newDomain";
// </Snippet6>
// <Snippet7>
// Get the current SlidingExpiration.
bool currentSlidingExpiration =
formsAuthentication.SlidingExpiration;
// Set the SlidingExpiration.
formsAuthentication.SlidingExpiration = false;
// </Snippet7>
// <Snippet8>
// Get the current EnableCrossAppRedirects.
bool currentEnableCrossAppRedirects =
formsAuthentication.EnableCrossAppRedirects;
// Set the EnableCrossAppRedirects.
formsAuthentication.EnableCrossAppRedirects = false;
// </Snippet8>
// <Snippet9>
// Get the current Path.
string currentPath = formsAuthentication.Path;
// Set the Path property.
formsAuthentication.Path = "newPath";
// </Snippet9>
// <Snippet10>
// Get the current Timeout.
System.TimeSpan currentTimeout =
formsAuthentication.Timeout;
// Set the Timeout.
formsAuthentication.Timeout =
System.TimeSpan.FromMinutes(10);
// </Snippet10>
// <Snippet11>
// Get the current Protection.
FormsProtectionEnum currentProtection =
formsAuthentication.Protection;
// Set the Protection property.
formsAuthentication.Protection =
FormsProtectionEnum.All;
// </Snippet11>
// <Snippet12>
// Get the current RequireSSL.
bool currentRequireSSL =
formsAuthentication.RequireSSL;
// Set the RequireSSL property value.
formsAuthentication.RequireSSL = true;
// </Snippet12>
// <Snippet13>
// Get the current Name property value.
string currentName = formsAuthentication.Name;
// Set the Name property value.
formsAuthentication.Name = "newName";
// </Snippet13>
// <Snippet14>
// Get the current Credentials.
FormsAuthenticationCredentials currentCredentials =
formsAuthentication.Credentials;
StringBuilder credentials = new StringBuilder();
// Get all the credentials.
for (System.Int32 i = 0; i < currentCredentials.Users.Count; i++)
{
credentials.Append("Name: " +
currentCredentials.Users[i].Name +
" Password: " +
currentCredentials.Users[i].Password);
credentials.Append(Environment.NewLine);
}
// </Snippet14>
}
