This method verifies that the passed arguments bszUsername and bszPassword are correct by contacting the appropriate Membership virtual server instance. If they are correct, an appropriate cookie is issued to the user, and the passed URL argument is returned. If the username and password are not valid, no cookie is issued, and the URL returned points to a predefined registration page.
IDL Definition
HRESULT VerifyCredentials(
BSTR bszUserName,
BSTR bszPassword,
BSTR bszURL,
[out, retval] BSTR * pbstrUrlToRedirect
);Parameters
bszUserName
The username to check along with a password
bszPassword
The password to check along with a username
bszURL
The URL to send the user if the presented credentials are valid.
pbstrUrlToRedirect
On return, the URL to redirect the client. This value is dependent on whether the client's presented credentials were valid or not. If the credentials are valid, the bszURL value is returned. Otherwise, a predefined error/registration URL is returned.
Return Values
A standard HRESULT value
Remarks
This method should be used in ASP pages for IIS server instances mapped to Authentication server instances that have "Membership" authentication set, and is most useful when "Forms Authentication" is being used. One then uses this method to perform the verification of credentials. Once the user has successfully provided authentic credentials to the VerifyCredentials method, the necessary cookies are sent in the response that then allow the user to access content.
In any case, a user must have the necessary cookies issued to proceed to content without being sent back to the login page.
Example
VBScript in an ASP page
Assume ”forms authentication" is being used for this IIS server. Further assume the items Username and Password are collected through an HTML form that has it's ACTION attribute set to an ASP script with the following code included. A "success" target URL is set up in the form if login is successful, usually as a "hidden" variable in the form.
<%
Name = Request("UserName")
Password = Request("Password")
URL = Request("SuccessURL")
Set IVerifUsr = Server.CreateObject("Membership.VerifUsr.1")
If IVerifUser.
returnedURL = oVerifUsr.VerifyCredentials(Name,Password,URL)
Response.Redirect returnedURL
%>