See Also: Login Members
In this topic:
The System.Web.UI.WebControls.Login control is a composite control that provides all the common UI elements needed to authenticate a user on a Web site. The following three elements are required for all login scenarios:
A unique user name to identify the user.
A password to verify the identity of the user.
A login button to send the login information to the server.
The System.Web.UI.WebControls.Login control also provides the following optional UI elements that support additional functions:
A link for a password reminder.
A Remember Me checkbox for retaining the login information between sessions.
A Help link for users who are having trouble logging in.
A Register New User link that redirects users to a registration page.
Instruction text that appears on the login form.
Custom error text that appears when the user clicks the login button without filling in the user name or password fields.
Custom error text that appears if the login fails.
A custom action that occurs when login succeeds.
A way to hide the login control if the user is already logged in to the site.
For a table showing which controls are required and which are optional, see Login.LayoutTemplate property.
If you are not familiar with the set of login controls available in ASP.NET, see ASP.NET Login Controls Overview before continuing. For a list of other topics related to login controls and membership, see Managing Users By Using Membership.
Accepting user input is a potential security threat. Malicious users can send data that is intended to expose vulnerabilities or run programs that try generated passwords. To improve security when working with user input, you should use the validation features of your control and secure any data providers that are configured for your control. For more information, see Securing Login Controls, Basic Security Practices for Web Applications, and Securing Membership.
The System.Web.UI.WebControls.Login control uses a membership provider to obtain user credentials. Unless you specify otherwise, the System.Web.UI.WebControls.Login control uses the default membership provider defined in the Web.config file. To specify a different provider, set the Login.MembershipProvider property to one of the membership provider names defined in your application's Web.config file. For more information, see Membership Providers.
If you want to use a custom authentication service, you can use the Login.OnAuthenticate(AuthenticateEventArgs) method to call the service.
The appearance of the System.Web.UI.WebControls.Login control is fully customizable through templates and style settings. All UI text messages are also customizable through properties of the System.Web.UI.WebControls.Login class. The default interface text is automatically localized based on the locale setting on the server.
If the System.Web.UI.WebControls.Login control is customized with templates, then the WebControl.AccessKey property and the WebControl.TabIndex property are ignored. In this case, set the WebControl.AccessKey property and the WebControl.TabIndex property of each template child control directly.
System.Web.UI.WebControls.Login control properties represented by text boxes, such as Login.UserName and Login.Password, are accessible during all phases of the page life cycle. The control will pick up any changes made by the end user by means of the TextBox.TextChanged event triggered by the textboxes.
If you embed the System.Web.UI.WebControls.Login control in a System.Web.UI.WebControls.WizardStep object, explicitly set the Wizard.ActiveStepIndex property in a Page_Load event handler if the user is authenticated. The System.Web.UI.WebControls.Wizard control does not automatically advance to the next System.Web.UI.WebControls.WizardStep object in this scenario.
The following table lists the System.Web.UI.WebControls.Login control style properties and explains which UI element each style property affects. For a list of which properties each style applies to, see the documentation for the individual style properties.
The space between the control contents and the control's border.
Remember Me checkbox.
Login failure text.
Instructional text on the page that tells users how to use the control.
Labels for all input fields, such as text boxes.
Text entry input fields.
Text displayed to the user when a login attempt is unsuccessful due to validation errors.
Links to other pages.
The Login.UserName and Login.Password properties have System.Web.UI.WebControls.RequiredFieldValidator controls associated with them to prevent users from submitting the page without providing required information.
The System.Web.UI.WebControls.Login control uses a validation group so that other fields on the same page as the System.Web.UI.WebControls.Login control can be validated separately. By default, the System.Web.UI.Control.ID property of the System.Web.UI.WebControls.Login control is used as the name of the validation group. For example, a System.Web.UI.WebControls.Login control with the ID "Login1" will use a validation group name of "Login1". If you want to set the validation group that the System.Web.UI.WebControls.Login control is part of, you must template the control and change the validation group name.
The System.Web.UI.WebControls.Login control lets you specify CSS style rules in markup. If you use templates to customize the appearance of the System.Web.UI.WebControls.Login control, you can specify CSS styles in the markup in the templates. In that case, no extra outer table is required. You can prevent the table from being rendered by setting the Login.RenderOuterTable property to false.
For information about how to configure this control so that it generates markup that conforms to accessibility standards, see Accessibility in Visual Studio 2010 and ASP.NET 4 and ASP.NET Controls and Accessibility.
<asp:Login AccessKey="string" BackColor="color name|#dddddd" BorderColor="color name|#dddddd" BorderPadding="integer" BorderStyle="