ASP .NET Ajax Authentication Services

Perhaps this is old hat to a lot of people, but I find it fascinating and damn useful. I have always liked the Membership services that are housed within .NET, its a perfect way to setup a login mechanism that is both customizable and secure, I tried to use it whenever I can to increase my familiarity with it.  Recently, I took a certification exam for Microsoft ASP .NET 3.5, while I unfortunately fell 1 question shy of passing the exam, it did show me that my experience with ASP .NET have been very limited.

One of the things that fascinated me was that Microsoft seemed to provide, through their Ajax framework, the ability to asynchronously log in via Ajax.  I found this hard to believe and really wanted to give it a shot. One of the effects I have always wanted to do more of is this asynchronous login, because I think it feels more natural to a person to be given a form and then login, rather then clicking login and going to a separate page.  Plus, using something like JQuery of event the MS Ajax client library you could easily update the existing page to reflect the admin view.

But enough of my ranting, how do you do it? Well to start a modification to the web.config is necessary to turn this on, add the following in your web.config:

<system.web.extensions>
    <scripting>
      <webServices>
        <authenticationService enabled="true" />
      </webServices>
    </scripting>
</system.web.extensions>

This enables it, the next step is to call it.  This, likewise, is very simple, though the method signature is quite long, and the documentation on the Microsoft site is backwards with a couple of the parameters:

Sys.Services.AuthenticationService.login("testUser", "testPass", true, null, "WebForm1.aspx", function(isValid, context, methodName) {
     debugger;
}, function(error, context, methodName) {
     debugger;
});

This signature can be broken down as such:

login(username, password, persistent, customInfo, redirectUrl, complete, fail)

Most of the parameters are fairly obvious in what they do, however, I will speak to a few of them, but mostly I recommend reading this page:

  • username: the username of the user logging in
  • password: the password of the user logging in
  • redirectUrl: if null, you stay put, if not null, you are redirect if the login is successful

It is worth mentioning that anytime the login function is SUCCESSFULLY invoked the login complete function is called. Supplied to the callback is a boolean IsValid parameter which denotes the outcome of the operation. The failCallback is called in the event the login function cannot be invoked.

Once again, the cool thing about this is that it integrates directly with the membership provider which can be defined by the developer and because it uses the provider pattern, can change freely without any major changes to your authentication logic. This represents a very flexible, secure, and maintainable login process.

References:

.csharpcode, .csharpcode pre
{
font-size: small;
color: black;
font-family: consolas, “Courier New”, courier, monospace;
background-color: #ffffff;
/*white-space: pre;*/
}
.csharpcode pre { margin: 0em; }
.csharpcode .rem { color: #008000; }
.csharpcode .kwrd { color: #0000ff; }
.csharpcode .str { color: #006080; }
.csharpcode .op { color: #0000c0; }
.csharpcode .preproc { color: #cc6633; }
.csharpcode .asp { background-color: #ffff00; }
.csharpcode .html { color: #800000; }
.csharpcode .attr { color: #ff0000; }
.csharpcode .alt
{
background-color: #f4f4f4;
width: 100%;
margin: 0em;
}
.csharpcode .lnum { color: #606060; }

.csharpcode, .csharpcode pre
{
font-size: small;
color: black;
font-family: consolas, “Courier New”, courier, monospace;
background-color: #ffffff;
/*white-space: pre;*/
}
.csharpcode pre { margin: 0em; }
.csharpcode .rem { color: #008000; }
.csharpcode .kwrd { color: #0000ff; }
.csharpcode .str { color: #006080; }
.csharpcode .op { color: #0000c0; }
.csharpcode .preproc { color: #cc6633; }
.csharpcode .asp { background-color: #ffff00; }
.csharpcode .html { color: #800000; }
.csharpcode .attr { color: #ff0000; }
.csharpcode .alt
{
background-color: #f4f4f4;
width: 100%;
margin: 0em;
}
.csharpcode .lnum { color: #606060; }

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s