I just pulled a login page from an ASP.NET app I wrote last year into a new ASP.NET application. These are applications that live on my domain that are web based utilities for some of my clients or just myself and I haven’t had to write one in quite some time. When I opened up the login page I saw something that I had put in there which I had completely forgotten about. I had written a login web service that I can implement in any of my applications. I have one table in my domain’s sql database that has the logins for users of my various little applications. That way I can use the same login page in any of these applications. The web service requires authentication before it will even attempt to validate the user login/pw. That way I don’t have to worry about anyone else using my web service.
So here is the code I discovered (yes, I surprised myself!)
Private Sub LogIn_Click(ByVal sender As System.Object, ByVal e As System.Web.UI.ImageClickEventArgs) Handles ImageButton1.Click
Dim sResults As Boolean
Dim auth As New mydomain.Authenticator()
auth.UserName = “IAmanAuthenticatedApplication”
auth.Password = “IAmThePassword”
Dim objService As New mydomain.WebServices()
.AuthenticatorValue = auth ‘this attaches the auth object as SOAP
.Credentials = System.Net.CredentialCache.DefaultCredentials
sResults = .ValidLogin(Me.txtLogin.Value, Me.txtPW.Value)
If sResults Then
Dim FormsAuthentication As New Web.Security.FormsAuthentication()
msg.Text = “Invalid User: Please try again“
Catch ex As Exception
msg.Text = ex.Message & vbCrLf & ex.StackTrace
This may not be the best way (and it makes me nervous to have my code available for certain people to possibly look at and have a chuckle) but it’s darned useful.
It’s funny to look at this having just written a little about Indigo going to message based transactions. Because doesn’t that mean that my little “auth” object that I’m passing in to my webservice will go away? Of course! This is what they (ok Don Box but I’m not going for google hits, here) were talking about when saying that even security is going to be a LOT less complicated to handle. I remember when I first tried to get my head around how all of that was working – soap , my authentication object, etc. Though it all seems so obvious to me now, I remember how incredibly confusing it was for me back then.
Sign up for my newsletter so you don't miss my conference & Pluralsight course announcements!