Forms Authentication Against An XML File


This code shows how to validate against an XML file for Forms Authentication security in ASP.Net. Please read one of the earlier articles on Forms Authentication for an introduction and to see the required settings in the web.config file.

The Login Page

<%@Page Language="VB" Trace="false"%>
<%@ Import Namespace="System.Web.Security" %>
<%@ Import Namespace="System.Xml" %>
<script language="VB" runat=server>
Sub ValidateLogin(Src as Object, E as EventArgs) 
Dim sXmlPath As String = "C:\Inetpub\wwwroot\users.xml" 
Dim oXmlDoc As New XmlDocument() 
Catch oError As Exception 
StatusMessage.innerHTML = "There was an error:<BR>" & 
oError.Message & "<BR>" _ & oError.Source & "." 
Exit Sub 
End Try 
Dim oXmlUser As XmlNodeList 
oXmlUser = oXmlDoc.GetElementsByTagname(txtUser.Value) 
If Not (oXmlUser Is Nothing) Then 
If txtPwd.Value = oXmlUser(0).FirstChild().Value Then 
FormsAuthentication.RedirectFromLoginPage(txtUser.Value, false) 
StatusMessage.InnerHtml = "Invalid login" 
End If 
End If 
End Sub 
Forms Authentication Against An XML File
<form method="post" runat="server"> 
<INPUT type="text" name="txtUser" id="txtUser" runat="server"/>
<INPUT type="password" name="txtPwd" id="txtPwd" runat="server"/>
<INPUT type="submit" OnServerClick="ValidateLogin" runat="server"/>
<SPAN id="StatusMessage" runat="server"/>

The XML File

Here is the XML file used to hold the usernames and passwords.

<?xml version="1.0" ?> 
<!-- format is <username>password</username> --> 


Brad Kingsley is founder and president of ORCS Web, Inc. - a company that provides managed hosting services for clients who develop and deploy their applications on Microsoft Windows platforms.

Posted On : 16 January 2005

Tags : ASP.NET Web Forms Security Configuration XML