Authentication using web.config Credentials

In one of my projects I have been asked to implement temporary security on sepcific module for internal usage and it was also suggested that I will not be putting more efforts on the same. First thing came in my mind was Membership/RoleProvider, but as I advised my planned solution they surprised me with the decision that I will not be using these providers and I should be using something more simpler and I was like Duh!!!

Any way I started thinking about a much more simpler solution as I have been alotted the biggest time period ever of 10-15 minutes max for this task :).

OK now I guess I should come to the point. During this process I realised that web.config credentials can be a good option as I personally don't wanted to implement any hardcoded authentication. It is very straight forward and simple but I had some problems implementing that solution so I thought to blog about how to authenticate using credentials incase if any one require the same.

All you need to do is to add some credentials in your web.config like this:

  <authentication mode="Forms">
   <forms loginUrl="~/SignIn.aspx" name=".ASPXAUTH" slidingExpiration="true" timeout="1440" path="/" defaultUrl="~/Default.aspx">
    <credentials passwordFormat="Clear">
     <user name="testUser1" password="testPass1"/>
     <user name="testUser2" password="testPass2"/>
     <user name="testUser2" password="testPass3"/>

In the code block it can be authenticated like this:

if (FormsAuthentication.Authenticate(this.txtUserName.Text, this.txtPassword.Text))
  FormsAuthentication.SetAuthCookie(this.txtUserName.Text, false);
  FormsAuthentication.RedirectFromLoginPage(this.txtUserName.Text, false);
  Response.Write("Invalid login details. Please try again.");


I hope it will be helpful for others as well. And yes it can be done in 15 minutes :)


Comments have been disabled for this content.