To make our login controls work with NHibernate, we need to implement the System.Web.Security.MembershipProvider
abstract class. This is an abstract class specifically designed to allow us to implement the standard security model using our own authentication logic.
When we implement the abstract class, there are about 30 methods and properties that we can override to implement all of the features of the membership provider, but we really only have to implement one method to get it to work. If we implement the ValidateUser()
method, we can have basic login functionality.
The
ValidateUser()
method has two parameters (both strings), UserName
and Password
. In our method, we need to accept these two parameters, validate that they match the credentials stored in the database, and return either true
or false
based on that validation.
A very simple implementation of the ValidateUser()
method using NHibernate would be to simply hash the user-supplied password, retrieve the user...