Home/ Questions/Q 3428476
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-18T06:57:49+00:00

My code behind protected void LogonForm_Authenticate(object sender, AuthenticateEventArgs e) { bool auth = false;

  • 0

My code behind

protected void LogonForm_Authenticate(object sender, AuthenticateEventArgs e)
{
    bool auth = false;

    if (FormsAuthentication.Authenticate(LogonForm.UserName, LogonForm.Password))
    {
        auth = true;
    }

    e.Authenticated = auth;

}

It results in false. When I don’t specify an OnAuthenticate event the user is validated it works as expected. What gives?

I simply want to invoke the default OnAuthenticate code and then add an additional check on the end of it. I am using LDAP to authenticate in both scenarios.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    As is mentioned in the documentation on MSDN, the FormsAuthentication.Authenticate method should be used in case you have the credentials stored in the Web.config file like this:

    <authentication mode="Forms">
    <forms loginUrl="login.aspx">
        <credentials passwordFormat="Clear">
            <user name="user1" password="password1" />
            <user name="user2" password="password2" />
        </credentials>
 </forms>
</authentication>

    But if you are validating the credentials against a membership provider that inherits from the MembershipProvider abstract class like SqlMembershipProvider, ActiveDirectoryMembershipProvider or other custom providers you should use the Membership.ValidateUser method instead.

    I think that replacing

    if (FormsAuthentication.Authenticate(LogonForm.UserName, LogonForm.Password))

    with

    if (Membership.ValidateUser(LoginUser.UserName, LoginUser.Password))

    will solve your problem.

    • 0