by November 1, 2004 0 comments

Last month we saw how to password protect your websites using ASP.NET (Password Protect your Website, page 94). That program used hard-coded username and password for authenticating a small number of users. This time we are suggesting a solution that can be used for any number of users. The authentication mechanism in this solution will use a database.

First create an Access database and a table, ‘users’ in it. Create two fields, ‘username’ and ‘password’, in it and then add usernames and their respective passwords to it. Save the database file as authentication.mdb and put the following code in an ASP.NET file.

Direct Hit!
Applies to: Mid-size businesses
Authentication through a database provides better 
security and robustness

<%@ Page Language="VB" %>
<%@ import Namespace="System.Data" %>
<%@ import Namespace="System.Data.OleDB" %>

First define an OleDB connection to the Access database. After that, open the connection to the database. Now, define the SQL command, which will fetch the password from the database for the desired user. The command selects the password from the ‘users’ table in the database corresponding to the username entered by the user in the username text box. Then execute that command, which will return the results to an OleDBDataReader object named myDataReader.Now check whether the myDataReader object has got any value in return from the database, which can only happen if the user enters a correct username. If not, an error message is dsiplayed.If the user enters a correct username, we need to verify his password. Now compare the password entered by the user in the password textbox with the password value returned from the database. If both are same, a success message is displayed, otherwise, an error message is flashed.

Anoop Mangla

No Comments so far

Jump into a conversation

No Comments Yet!

You can be the one to start a conversation.