Create "Login Form" with authentication

This code demonstrates creating a login dialog box to authenticate users and restrict access to features in an application. The user must first log in, within 3 attempts, using either custom authentication or Windows Authentication. After the user logs in, the role membership is checked to see if the user is a "Manager" or a Windows Administrator.


Feature Highlights:


A Windows Principal object is used to determine if the user logged into Windows is an Administrator.
A Generic Principal object is used to determine if a user is a member of the "Manager" role.
An XML file is loaded into a DataSet and searched for a row matching the user name and password.

Users.cs Class

using System.Security.Principal;
using System.Threading;
using System.IO;
using System;
using System.Data;
using System.Windows.Forms;

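/// <summary>
/// Sample credential store for the login form: looks users up in Users.xml and
/// builds role-bearing principals for them.
/// </summary>
/// <remarks>
/// NOTE(review): the password column is compared directly with the typed password,
/// so Users.xml holds passwords in clear text. That is acceptable for a demo only;
/// a real application should store a salted, slow password hash and protect the file
/// with file-system permissions.
/// </remarks>
public class Users
{
    // Resolved against the process working directory, not the executable's folder.
    // NOTE(review): whoever controls the working directory controls which user list is read.
    private const string UsersFile = @"..\..\Users.xml";

    /// <summary>
    /// Checks that a user with the given name and password exists in the XML file.
    /// </summary>
    /// <param name="strName">User name typed into the login form.</param>
    /// <param name="strPassword">Password typed into the login form.</param>
    /// <returns>true when a matching record exists; false otherwise, including when
    /// the file is missing (a warning is shown and application exit is requested).</returns>
    public bool IsLogin(string strName, string strPassword)
    {
        return FindUser(strName, strPassword, "Unable to Authenticate user.") != null;
    }

    /// <summary>
    /// Returns a GenericPrincipal representing the login account, carrying the role
    /// read from the matching record's "Role" column.
    /// </summary>
    /// <param name="strName">User name typed into the login form.</param>
    /// <param name="strPassword">Password typed into the login form.</param>
    /// <returns>A principal whose identity name is <paramref name="strName"/>.</returns>
    /// <exception cref="InvalidOperationException">No record matches the credentials
    /// (previously this surfaced as a NullReferenceException or IndexOutOfRangeException).</exception>
    public GenericPrincipal GetLogin(string strName, string strPassword)
    {
        DataRow drUser = FindUser(strName, strPassword, "Shutting Down...");

        // Fail closed: never hand out a principal for credentials that did not match.
        if (drUser == null)
        {
            throw new InvalidOperationException("No matching user record was found.");
        }

        // Create the Generic Identity representing the user
        GenericIdentity GenIdentity = new GenericIdentity(strName);

        // Define the role membership as an array
        string[] Roles = { Convert.ToString(drUser["Role"]), "" };
        return new GenericPrincipal(GenIdentity, Roles);
    }

    /// <summary>
    /// Checks whether the Windows account running this process is an Administrator.
    /// </summary>
    /// <returns>true when the Windows principal is in the built-in Administrator role.</returns>
    /// <remarks>
    /// This tests the process's own Windows identity, not anything typed into the form.
    /// Under UAC a non-elevated process started by an administrator reports false.
    /// </remarks>
    public bool IsAdministrator()
    {
        // Kept for callers that read Thread.CurrentPrincipal afterwards. The policy only
        // applies to threads whose principal has not been assigned yet.
        AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);

        // Once a GenericPrincipal has been assigned to the thread (after a custom login)
        // a hard cast would throw InvalidCastException, so fall back to the process identity.
        WindowsPrincipal WinPrincipal = Thread.CurrentPrincipal as WindowsPrincipal;
        if (WinPrincipal == null)
        {
            WinPrincipal = new WindowsPrincipal(WindowsIdentity.GetCurrent());
        }

        return WinPrincipal.IsInRole(WindowsBuiltInRole.Administrator);
    }

    // Loads the user list and returns the row whose name and password match, or null.
    private static DataRow FindUser(string strName, string strPassword, string strCaption)
    {
        if (strName == null || strPassword == null)
        {
            return null;
        }

        DataSet dsUsers = new DataSet();
        try
        {
            dsUsers.ReadXml(UsersFile);
        }
        catch (FileNotFoundException)
        {
            MessageBox.Show("Users.Xml file not found.", strCaption, MessageBoxButtons.OK, MessageBoxIcon.Warning);
            Application.Exit();
            return null;
        }

        if (dsUsers.Tables.Count == 0)
        {
            return null;
        }

        // The name goes into a DataTable filter expression, so embedded single quotes are
        // doubled. Without this, the typed text is parsed as part of the expression and can
        // change which rows match.
        string strFilter = "name = '" + strName.Replace("'", "''") + "'";
        DataRow[] drRows = dsUsers.Tables[0].Select(strFilter);

        // The password is compared in code rather than in the filter: it stays out of the
        // expression parser, and the match is exact (filter string comparison is
        // case-insensitive unless CaseSensitive is set on the DataSet/DataTable).
        // Code that adds users must still ensure that no two users share a name.
        foreach (DataRow drRow in drRows)
        {
            if (drRow.IsNull("password"))
            {
                continue; // a record without a password never authenticates
            }

            if (string.Equals(Convert.ToString(drRow["password"]), strPassword, StringComparison.Ordinal))
            {
                return drRow;
            }
        }

        return null;
    }
}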


On login Form Submit Button click event
using System.Security.Principal;

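/// <summary>
/// Handles the login form's OK button: authenticates either as the current Windows
/// Administrator or against the custom user list, counting failed attempts.
/// </summary>
/// <param name="sender">The button that raised the event.</param>
/// <param name="e">Event data (unused).</param>
private void btnOK_Click(object sender, System.EventArgs e)
{
    // Instantiate a custom Users class
    Users objUser = new Users();
    string strName = txtUserName.Text;
    string strPassword = txtPassword.Text;

    // Check for Windows Administrator. Administrator can bypass
    // custom security system.
    if (chkAdministratorAccount.Checked)
    {
        if (objUser.IsAdministrator())
        {
            // Thread is fully qualified because only System.Security.Principal is
            // imported in the snippet for this form.
            MessageBox.Show(System.Threading.Thread.CurrentPrincipal.Identity.Name +
                " has logged in successfully!", "Login Successful",
                MessageBoxButtons.OK, MessageBoxIcon.Information);
        }
        else
        {
            // Failures on this path count towards the same limit as password failures;
            // previously they were counted but the limit was never checked here.
            RegisterFailedLogin("User not an Administrator. Please provide a User Name and Password.");
        }

        return;
    }

    // Check that the login exists
    if (objUser.IsLogin(strName, strPassword))
    {
        GenericPrincipal GenPrincipal = objUser.GetLogin(strName, strPassword);
        System.Threading.Thread.CurrentPrincipal = GenPrincipal;

        // Display the user's name (Windows or Generic)
        MessageBox.Show(System.Threading.Thread.CurrentPrincipal.Identity.Name +
            " has logged in successfully!", "Login Successful",
            MessageBoxButtons.OK, MessageBoxIcon.Information);
    }
    else
    {
        RegisterFailedLogin("User Name not found. Please try again");
    }
}

// Counts one failed attempt; after the third failure the application exits,
// otherwise strRetryMessage is shown.
// NOTE(review): intLoginAttempts is declared outside this handler (not shown). If it is
// an in-memory field, restarting the application resets it, so this limit is a usability
// measure rather than a defence against password guessing.
private void RegisterFailedLogin(string strRetryMessage)
{
    intLoginAttempts += 1;

    if (intLoginAttempts >= 3)
    {
        MessageBox.Show("Too many failed login attempts", this.Text,
            MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
        Application.Exit();
    }
    else
    {
        MessageBox.Show(strRetryMessage, this.Text,
            MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
    }
}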


I am attaching the design view of the form to give an idea of the layout.
I am also attaching the XML file (name it Users.xml when using it).


Attachments

Comments

Author: PHANI HARSHITHA MADALA16 May 2009 Member Level: Gold   Points : 0

Hi,

Nice post deepika..

usefull for many people

regards,

greeny

Author: Shuby Arora24 May 2009 Member Level: Gold   Points : 0

Deepika its a good work

Author: Pandurang Chavan09 Jun 2009 Member Level: Silver   Points : 0

Hi

you have done great work for forum..

Regards ...
pandurang

Author: Ravi kiran21 Sep 2009 Member Level: Bronze   Points : 1

Hi deepika,

I am a new bee to desktop application, but had 3 yrs exp in webapplication. how can i avoid accesing any form without login like in web applications authentication. I don't know such an concept exists in desktop application or not. Could plz help me in this regard?

Author: Deepika Haridas04 Aug 2010 Member Level: Gold   Points : 0

@Phani : Thanks

@Shuby : Thanks

@Pandurang : Thanks

Guest Author: Milina Tony16 Nov 2012

Hey I can't download your project, plz fix the link, Plz thank very much.

Guest Author: talha18 Mar 2013

it's a nice post for authentication.

Guest Author: ratna07 Oct 2013

After creating form where I have to like that data


