HOW TO: Use Mobile Forms Authentication with Microsoft Mobile Internet Toolkit

Article translations Article translations
Article ID: 311568 - View products that this article applies to.
This article was previously published under Q311568
Expand all | Collapse all

On This Page

Summary

This article describes how to use mobile forms authentication with Microsoft Mobile Internet Toolkit (MMIT).

Requirements

The following list outlines the recommended hardware, software, network infrastructure, and service packs that are required:
  • Microsoft Mobile Internet Toolkit 1.0
NOTE: To download Microsoft Mobile Internet Toolkit 1.0, visit the following Microsoft Web site:
Microsoft Mobile Internet Toolkit 1.0
http://msdn.microsoft.com/downloads/default.asp?url=/downloads/sample.asp?url=/msdn-files/027/001/817/msdncompositedoc.xml

Description of Mobile Forms Authentication

MMIT supports the same authentication methods that Microsoft ASP.NET provides:
  • Forms
  • None
  • Passport
  • Windows
Mobile forms authentication works in conjunction with forms authentication from ASP.NET. To authenticate a user, you can authenticate against the <credentials> section of the Web.config file, or you can provide custom authentication.

Mobile forms authentication is different from forms authentication in that forms authentication works off of an HTTP redirect and an authentication cookie. Because not all mobile devices support redirects with cookies, mobile forms authentication puts the authentication information in the QueryString property instead of a cookie.

When you use mobile forms authentication, after you perform custom authentication and set the authentication cookie, call the MobileFormsAuthentication.RedirectFromLoginPage method instead of the FormsAuthentication.RedirectFromLoginPage method. If the browser on the device that you are using does not support a redirect with a cookie, mobile forms authentication removes the cookie from the HttpResponse.Cookies collection and puts the authentication information as a variable in the QueryString property.

When you want the user to re-authenticate, use the MobileFormsAuthentication.SignOut method instead of the FormsAuthentication.SignOut method. MobileFormsAuthentication.SignOut calls FormsAuthentication.SignOut internally and sets the MobilePage.Adapter.PersistCookielessData property to false. When this property is set to true, each link that is generated for the page adds the authentication information to the URL as a QueryString variable. When this property is set to false, no authentication information is added to the URL.

Create the Sample Code to Perform Mobile Forms Authentication

  1. Follow these steps to create a new Visual C# Mobile Web Application project:
    1. Start Microsoft Visual Studio .NET.
    2. On the File menu, point to New, and then click Project.
    3. Click Visual C# Projects under Project Types, and then click Mobile Web Application under Templates.
  2. Add the following code to the Web.config file:
       <authentication mode="Forms">
          <forms loginUrl="login.aspx" name="nameOfAuthCookie" timeout="60" path="/" >
             <credentials passwordFormat="Clear">
                <user name="username" password="password"/>
             </credentials>
          </forms>
       </authentication>
       <authorization>
    	<deny users="?" />
       </authorization>
        
    					
  3. Follow these steps to add a Mobile Web Form to the project:
    1. On the Project menu, click Add New Item.
    2. Click Mobile Web Form under Templates.
    3. Type Login.aspx in the Name box.
  4. Add the following controls from the Mobile Controls section of the toolbox to the page:
    Collapse this tableExpand this table
    Control TypeControl NameControl Text
    LabelLabel1(default)Type User Name
    TextBoxtxtUserName
    LabelLabel2(default)Type Password
    TextBoxtxtPassword
    CommandcmdLoginLog On
    LabellblError

  5. Double-click Log On to open the Click event of the Button control and to open the code-behind page.
  6. Add the following code to the code-behind page:
    private void cmdLogin_Click(Object sender, EventArgs e)
       {
          if(IsAuthenticated(txtUsername.Text, txtPassword.Text))
          {
           MobileFormsAuthentication.RedirectFromLoginPage(txtPassword.Text,true);
          }
          else
          {
             lblError.Text = "Check your credentials";
          }
       }
    
    private bool IsAuthenticated(String user, String password)
    {//Check the values against forms authentication store.
    
       if(FormsAuthentication.Authenticate(user, password))
       {
          return true;
       }
       else
       {
          return false;
        }
    }
    					
  7. Add the following using statement to the "using" section of the code-behind page:
    using System.Web.Security;
    					
  8. Follow these steps to add another Mobile Web Form to the project:
    1. On the Project menu, click Add New Item.
    2. Click Mobile Web Form under Templates.
    3. Type Page1.aspx in the Name box.
  9. Add a Label control to the page, and then change the text of the Label control to Authenticated!.
  10. Compile the application, and then open the Page1.aspx page in your browser. Notice that you are redirected to the Login.aspx page, where you must log on. After you are successfully logged on, you are then redirected to Page1.aspx.

References

For additional information, click the article numbers below to view the articles in the Microsoft Knowledge Base:
311495 HOW TO: Implement Role-Based Security with Forms-Based Authentication in Your ASP.NET Application by Using Visual C# .NET
306238 HOW TO: Implement Role-Based Security with Forms-Based Authentication in Your ASP.NET Application by Using Visual Basic .NET
For more information, visit the following Microsoft Web site:
.NET Passport Integration with the Microsoft Mobile Internet Toolkit
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnmitta/html/mmitpassport.asp

Properties

Article ID: 311568 - Last Review: January 23, 2013 - Revision: 2.0
Applies to
Keywords: 
kbDSupport kbhowto kbhowtomaster kbhtmldevice kbsecurity kbwmldevice KB311568
Retired KB Content Disclaimer
This article was written about products for which Microsoft no longer offers support. Therefore, this article is offered "as is" and will no longer be updated.

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com