Windows Forms Application: How to Use a Membership Provider of ASP.NET in
Introduction
We can use the ASP.NET membership provider in windows forms.
What is the goal? The membership of ASP.NET is a really complete way to manage users and roles (Create,Edit,Delete, access rules to forms like access rules to pages ).
Implementation
How do we implement it?
First we create a login form connecting to the database ASPDBNET.mdf (generated automatically in a project asp.net)
The code of the button login will be :
VB
Imports System.Security.Principal
Imports System.Web.Security
Private Sub OK_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles OK.Click
If Membership.ValidateUser(UsernameTextBox.Text, PasswordTextBox.Text) Then
'''' treatment if authenticated
Else
''''
End If
End Sub
C#
using System.Security.Principal;
using System.Web.Security;
private void OK_Click(System.Object sender, System.EventArgs e)
{
if (Membership.ValidateUser(UsernameTextBox.Text, PasswordTextBox.Text)) {
}
// treatment if authenticated
else {
//
}
}
Same time we need to edit the app.config and to add under configuration
<system.web>
<membership defaultProvider="AspNetSqlMembershipProvider">
<providers>
<remove name=AspNetSqlMembershipProvider"/>
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="AspNetConnectionString" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" applicationName="AspNet" requiresUniqueEmail="false" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="1" passwordAttemptWindow="10" passwordStrengthRegularExpression=""/>
</providers>
</membership>
<roleManager enabled="true" defaultProvider="AspNetSqlRoleProvider" cacheRolesInCookie="true" createPersistentCookie="false" cookieProtection="All">
<providers>
<add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" applicationName="AspNet" connectionStringName="AspNetConnectionString"/>
</providers>
</roleManager>
</system.web>
Once authenticated and redirected to another winform we can detect current user and work on access rules by roles
VB
''' treatment for current user
nom = Thread.CurrentPrincipal.Identity.Name
Dim user As MembershipUser = Membership.GetUser(nom)
Dim identity As New GenericIdentity(user.UserName)
Dim principal As New RolePrincipal(identity)
Threading.Thread.CurrentPrincipal = principal
If Roles.GetRolesForUser(nom).Length = 1 Then
rolesArray = Roles.GetRolesForUser(nom)
role = rolesArray.First.ToString
''' enable controls for examples for the role of current user
Else '' disable controls
End If
C#
using System.Security.Principal;
using System.Web.Security;
public class AddUser
{
private void Button1_Click(System.Object sender, System.EventArgs e)
{
MembershipUser user;
user = Membership.CreateUser(TextBox1.Text, TextBox2.Text);
MsgBox(TextBox1.Text + "is created successfully");
this.Dispose();
}
}
To create a user you can create a winform with simple textboxes (encryted one for the password) and use that code
VB
Imports System.Security.Principal
Imports System.Web.Security
Public Class AddUser
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
Dim user As MembershipUser
user = Membership.CreateUser(TextBox1.Text, TextBox2.Text)
MsgBox(TextBox1.Text & "is created successfully")
Me.Dispose()
End Sub
End Class
C#
using System.Security.Principal;
using System.Web.Security;
public class AddUser
{
private void Button1_Click(System.Object sender, System.EventArgs e)
{
MembershipUser user;
user = Membership.CreateUser(TextBox1.Text, TextBox2.Text);
MsgBox(TextBox1.Text + "is created successfully");
this.Dispose();
}
}