Microsoft KB Archive/311568

= HOW TO: Use Mobile Forms Authentication with Microsoft Mobile Internet Toolkit =

Article ID: 311568

Article Last Modified on 10/27/2002

-

APPLIES TO


 * Microsoft Mobile Internet Toolkit 1.0

-



This article was previously published under Q311568



IN THIS TASK
SUMMARY
 * Requirements
 * Description of Mobile Forms Authentication
 * Create the Sample Code to Perform Mobile Forms Authentication

REFERENCES



SUMMARY
This article describes how to use mobile forms authentication with Microsoft Mobile Internet Toolkit (MMIT).

back to the top

Requirements
The following list outlines the recommended hardware, software, network infrastructure, and service packs that are required:
 * Microsoft Mobile Internet Toolkit 1.0

NOTE: To download Microsoft Mobile Internet Toolkit 1.0, visit the following Microsoft Web site:

Microsoft Mobile Internet Toolkit 1.0

http://msdn.microsoft.com/downloads/default.asp?url=/downloads/sample.asp?url=/msdn-files/027/001/817/msdncompositedoc.xml

back to the top

Description of Mobile Forms Authentication
MMIT supports the same authentication methods that Microsoft ASP.NET provides:
 * Forms
 * None
 * Passport
 * Windows

Mobile forms authentication works in conjunction with forms authentication from ASP.NET. To authenticate a user, you can authenticate against the   section of the Web.config file, or you can provide custom authentication.

Mobile forms authentication is different from forms authentication in that forms authentication works off of an HTTP redirect and an authentication cookie. Because not all mobile devices support redirects with cookies, mobile forms authentication puts the authentication information in the QueryString property instead of a cookie.

When you use mobile forms authentication, after you perform custom authentication and set the authentication cookie, call the MobileFormsAuthentication.RedirectFromLoginPage method instead of the FormsAuthentication.RedirectFromLoginPage method. If the browser on the device that you are using does not support a redirect with a cookie, mobile forms authentication removes the cookie from the HttpResponse.Cookies collection and puts the authentication information as a variable in the QueryString property.

When you want the user to re-authenticate, use the MobileFormsAuthentication.SignOut method instead of the FormsAuthentication.SignOut method. MobileFormsAuthentication.SignOut calls FormsAuthentication.SignOut internally and sets the MobilePage.Adapter.PersistCookielessData property to false. When this property is set to true, each link that is generated for the page adds the authentication information to the URL as a QueryString variable. When this property is set to false, no authentication information is added to the URL.

back to the top

Create the Sample Code to Perform Mobile Forms Authentication
 Follow these steps to create a new Visual C# Mobile Web Application project:  Start Microsoft Visual Studio .NET. On the File menu, point to New, and then click Project. Click Visual C# Projects under Project Types, and then click Mobile Web Application under Templates.   Add the following code to the Web.config file:  <forms loginUrl=&quot;login.aspx&quot; name=&quot;nameOfAuthCookie&quot; timeout=&quot;60&quot; path=&quot;/&quot; > <credentials passwordFormat=&quot;Clear&quot;> <user name=&quot;username&quot; password=&quot;password&quot;/> <deny users=&quot;?&quot; /> </li> Follow these steps to add a Mobile Web Form to the project:  On the Project menu, click Add New Item.</li> Click Mobile Web Form under Templates.</li> Type Login.aspx in the Name box.</li></ol> </li> Add the following controls from the Mobile Controls section of the toolbox to the page:

</li> Double-click Log On to open the Click event of the Button control and to open the code-behind page.</li>  Add the following code to the code-behind page: private void cmdLogin_Click(Object sender, EventArgs e)  { if(IsAuthenticated(txtUsername.Text, txtPassword.Text)) {      MobileFormsAuthentication.RedirectFromLoginPage(txtPassword.Text,true); }     else {        lblError.Text = &quot;Check your credentials&quot;; }  }

private bool IsAuthenticated(String user, String password) {//Check the values against forms authentication store.

if(FormsAuthentication.Authenticate(user, password)) {     return true; }  else {     return false; } }                   </li>  Add the following using statement to the &quot;using&quot; section of the code-behind page: using System.Web.Security; </li> Follow these steps to add another Mobile Web Form to the project:  On the Project menu, click Add New Item.</li> Click Mobile Web Form under Templates.</li> Type Page1.aspx in the Name box.</li></ol> </li> Add a Label control to the page, and then change the text of the Label control to Authenticated! .</li> Compile the application, and then open the Page1.aspx page in your browser. Notice that you are redirected to the Login.aspx page, where you must log on. After you are successfully logged on, you are then redirected to Page1.aspx.</li></ol>

back to the top

<div class="references_section">