User Credentials CommandDialog with SecureString password

Now that VS2005 and .NET 2.0 is on the street, I started to port some of my tools and projects from .NET 1.1. Since I was working on authentication in a Winform client application, one of the common scenarios is “credential gathering”. This is typically a dialog that asks the user credentials when logging on to the application or accessing some restricted area of it.So I went back to get my UICredentialsHelper class in NCrypto project and not only ported to v2.0 but redesign it and added dome goodies as well. You can download the code from here. Let’s summarize its features: 
  • Shows up the standard Windows dialog for credential gathering (see CredUIPromptForCredentials API).
  • Inherits from CommonDialog so it has a base standard API and IDE integration.
  • Return the sensitive information like the user password in a SecureString type.
  • Flexible to configure according to the features exposed by the CredUIPromptForCredentials API. 

Sample Usage

Let’s see the basic usage of this dialog:
  using (CredentialsDialog dialog = new CredentialsDialog()){      if (dialog.ShowDialog() == DialogResult.OK)      {            // validate credentials against an authentication authority            // ...            // If credentials are valid            // and the user checked the "remember my password" option            if (dialog.SaveChecked)            {                  dialog.ConfirmCredentials(true);            }      }}
 

The “dialog.ShowDialog()” function call will show up the following dialog:

   An interesting sample that you have included in the downloaded solution is the one that can run a process under the credentials account supplied.Let’s see the sample: 
using (CredentialsDialog dialog = new CredentialsDialog()){      if (dialog.ShowDialog() == DialogResult.OK)      {            ProcessStartInfo info = new ProcessStartInfo("notepad.exe");            info.UseShellExecute = false;            info.UserName = dialog.User;            info.Password = dialog.Password;            info.Domain = dialog.Domain;            using (Process install = Process.Start(info))            {                  install.WaitForExit();                  Console.WriteLine(install.ExitCode);            }

      }

}

As you can see, is pretty straightforward to use this dialog and you even can customize its appearance like changing its caption, text message, banner bitmat or event setting the user textbox as read only. Enjoy it!

This posting is provided "AS IS" with no warranties, and confers no rights.

Published Monday, November 21, 2005 10:08 AM by HernanDL
Filed under:

Comments

# re: User Credentials CommandDialog with SecureString password

Wednesday, December 7, 2005 9:21 AM by J. Daniel Smith
This is pretty neat! Just what I was looking for... My only comment is that the unmanaged interop might be easier from C++/CLI rather than C#...

# re: User Credentials CommandDialog with SecureString password

Saturday, December 10, 2005 11:27 PM by Hernan
Great. Thanks for the translation. However, perhaps just a 16% difference between each version may let developers easly choose the one that better fit the language personal preference, considering that performance/memory consumption may not be a big deal in this context (UI client scenario).

# re: User Credentials CommandDialog with SecureString password

Wednesday, December 14, 2005 10:53 PM by J. Daniel Smith
Yup, there isn't a whole lot of difference in lines-of-code. I like the C++/CLI version because it avoids duplicating Win32 structs/#defines in C#; otherwise the Interop is pretty much a wash in this sample.

What would be really neat is if there were a way for C# to read "simple" (say basic #defines and simple structs/classes) C++ .h files.

# re: User Credentials CommandDialog with SecureString password

Monday, October 20, 2008 4:16 AM by Melanie

Thanks a bunch for sharing. If I try to open the UserCredentialsDialog.cs in Designer I get: The designer must create an instance of type 'System.Windows.Forms.CommonDialog' but it cannot because the type is declared as abstract. It is compiling and working, but is there a solution to rid of this error?

# re: User Credentials CommandDialog with SecureString password

Friday, December 5, 2008 9:29 PM by Semil

<a href= spiritez.com ></a>

# re: User Credentials CommandDialog with SecureString password

Tuesday, December 23, 2008 2:54 PM by David Gauerke

Is it possible to show a domain/machine selection (combobox) similar to the main Windows login?

# re: User Credentials CommandDialog with SecureString password

Thursday, January 10, 2013 12:17 AM by POPOicHtHgQ

Oqiag1 Fantastic article.Really looking forward to read more. Really Cool.

# re: User Credentials CommandDialog with SecureString password

Monday, August 19, 2013 2:45 PM by llquLAsowmug

dHBrTX Major thankies for the article.Really looking forward to read more.

# re: User Credentials CommandDialog with SecureString password

Tuesday, September 24, 2013 8:51 PM by LakhVMYCZuHlDDjywA

qNCM46 Hey, thanks for the blog.Much thanks again. Great.

# re: User Credentials CommandDialog with SecureString password

Sunday, October 13, 2013 12:37 AM by KB

Thanks for sharing, still quite useful and relevant all these years later!!

# re: User Credentials CommandDialog with SecureString password

Tuesday, October 15, 2013 11:17 PM by VWCWCtubcdriAjGTF

xYnfH0 I really like and appreciate your post. Want more.

# re: User Credentials CommandDialog with SecureString password

Tuesday, November 26, 2013 1:56 AM by heena

this simple example but if i need to save the username only and password field blank then what can i do please suggest

# re: User Credentials CommandDialog with SecureString password

Wednesday, January 8, 2014 4:42 AM by WHgvAjHONDoar

nTb8g6 Hey, thanks for the post.Much thanks again. Really Great.

# re: User Credentials CommandDialog with SecureString password

Tuesday, February 4, 2014 7:35 AM by jCYbjzcGbt

iIhxYr Thanks a lot for the post.Thanks Again.

# re: User Credentials CommandDialog with SecureString password

Friday, February 28, 2014 5:44 AM by ymiYjfDGXnsonO

fSsRzw Wow, great blog article.Much thanks again. Awesome.

Leave a Comment

(required) 
(required) 
(optional)
(required)