My LogIn Web Service (that I had forgotten about)

I just pulled a login page from an ASP.NET app I wrote last year into a new ASP.NET application. These are applications that live on my domain that are web based utilities for some of my clients or just myself and I haven’t had to write one in quite some time. When I opened up the login page I saw something that I had put in there which I had completely forgotten about. I had written a login web service that I can implement in any of my applications. I have one table in my domain’s sql database that has the logins for users of my various little applications. That way I can use the same login page in any of these applications. The web service requires authentication before it will even attempt to validate the user login/pw. That way I don’t have to worry about anyone else using my web service.

So here is the  code I discovered (yes, I surprised myself!)

Private Sub LogIn_Click(ByVal sender As System.Object, ByVal e As System.Web.UI.ImageClickEventArgs) Handles ImageButton1.Click
 Dim sResults As Boolean
 Dim auth As New mydomain.Authenticator() 
 auth.UserName = “IAmanAuthenticatedApplication”  
 auth.Password = “IAmThePassword”
 Dim objService As New mydomain.WebServices()
 Try
 With objService
  
.AuthenticatorValue = auth ‘this attaches the auth object as SOAP
   .Credentials = System.Net.CredentialCache.DefaultCredentials
   sResults = .ValidLogin(Me.txtLogin.Value, Me.txtPW.Value)
 End With
 If sResults Then
  
Dim FormsAuthentication As New Web.Security.FormsAuthentication()
   FormsAuthentication.RedirectFromLoginPage(txtLogin.Value,
False)
 Else
  
msg.Text = “Invalid User: Please try again“
 End If
 Catch ex As Exception
   msg.Text = ex.Message & vbCrLf & ex.StackTrace
 End Try
End Sub

This may not be the best way (and it makes me nervous to have my code available for certain people to possibly look at and have a chuckle) but it’s darned useful.

It’s funny to look at this having just written a little about Indigo going to message based transactions. Because doesn’t that mean that my little “auth” object that I’m passing in to my webservice will go away? Of course! This is what they (ok Don Box but I’m not going for google hits, here) were talking about when saying that even security is going to be a LOT less complicated to handle. I remember when I first tried to get my head around how all of that was working – soap , my authentication object, etc. Though it all seems so obvious to me now, I remember how incredibly confusing it was for me back then.

  Sign up for my newsletter so you don't miss my conference & Pluralsight course announcements!  

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.