MOSS Forum

Ask Question   UnAnswered
Home » Forum » MOSS       RSS Feeds

Custom Login page

  Asked By: Jenny    Date: Mar 23    Category: MOSS    Views: 1750

I have been trying, rather unsuccessfully, to add a code behind to the
login.aspx page in MOSS 2007. I need to check for password expiration
and redirect. I have code to do that, but I can't get the code behind
to work. I followed a tutorial located here:
http://www.devx.com/enterprise/Article/35068/1954 but it still did not
work. There is an assembly tag in the file that the article didn't
mention. Does anyone have a working code behind login.aspx page, or
can anyone tell me how to do one?



9 Answers Found

Answer #1    Answered By: Aayushman Kanvinde     Answered On: Mar 23

I must admit I'm a bit confused by a brief scan of that article. Code
behind is more secure than inline because it's compiled? That simply isn't
true. code  behind is no more compiled than code in the single-file approach
(which in this case means precompilation to IL when the page  spins up and
JIT compilation at run time). You're not gaining any security here, and in
any case, the only time this would matter is if your users have file-system
access to your MOSS web servers.

What's the unfamiliar assembly tag in the file? Could it be a compiled
version of the supposed "code behind" that the author mentions?

Answer #2    Answered By: Edgardo Atkins     Answered On: Mar 23

The following quote from a MSDN article about SharePoint's support for inline
code is why a managed code  DLL is inherently more secure in SharePoint

Because inline code can run with full trust on the server, it is possible for a
developer to expose data from anywhere in the SharePoint environment by making a
call to elevate the privileges of the code during run time. As a best practice,
any inline code should therefore be reviewed for security implications before it
is allowed to be installed and run on the server.
Also, inline code won't work in most pages in SharePoint. Pages in _Layouts are
one of the few exceptions. Also, pages that are editable in SharePoint Designer
don't require file-system access to the server since they are stored in the
content database. Hence anyone with access to SPD could put inline code on a
page. That's why SharePoint tends to prohibit inline code in most places.

Here's the link to the MSDN article:

Answer #3    Answered By: Kamal Mayachari     Answered On: Mar 23

Okay, that makes a bit more sense. From my reading, the originally posted
article made no distinction between code  behind and compiled classes, and
some of its presuppositions appeared to conflict with the aforementioned
MSDN post.

Answer #4    Answered By: Kelsie Terrell     Answered On: Mar 23

I think that's because SharePoint doesn't really do code  behinds (ie. Partial
classes). You normally have to compile the code in a separate class library and
re-attach it by inheriting from the class.

Answer #5    Answered By: Alka Sarabhai     Answered On: Mar 23

Yeah... apparently, after two years with SharePoint, I'm still in the throes
of a paradigm shift (can you say "retooled ASP.NET developer"?) as evidenced
by my knee-jerk "file system access" response.

Answer #6    Answered By: Eashan Nadkarni     Answered On: Mar 23

There are so many things that are so similar that it really throws you off when
some of the differences crop up. In taking a brief look at the article I think
the other issue is the base class that they do inherit the login  page from.
LayoutsPageBase only works for authenticated users. I did this for an LDAP
provider back when SharePoint 2007 was in beta so I know its possible, but I
don't remember the specific details anymore.

Answer #7    Answered By: William Odom     Answered On: Mar 23

Yep; I've done some similar work with LDAP (and almost as long ago).

I just wish they wouldn't keep changing the nomenclature every time it
starts to make sense.

Answer #8    Answered By: Mia Scott     Answered On: Mar 23

I've got two tags at the top of the aspx  page.

<%@ Assembly Name="Microsoft.SharePoint.ApplicationPages,
Version=, Culture=neutral, PublicKeyToken=71e9bce111e9429c" %>

<%@ page  Language="C#" Inherits="spLogin_cs.custLogin, spLogin_cs,
Version=, Culture=neutral, PublicKeyToken=bee307205d44c501"
MasterPageFile="~/_layouts/extranet_login.master" %>

I think the Assembly tag is incorrect. Here's the breakdown of what I
have above. spLogin_cs is the namespace (as well as the name of the
assembly), custLogin is the name of the class. The dll is signed and
that is the correct public key token. I've got the dll registered in
the gac.

Answer #9    Answered By: Kristian Chaney     Answered On: Mar 23

Well, I got it to not error. I had to set the class to public. Now
the code  behind runs on load, but on postback, it appears to ignore
the code behind and still hit the Sharepoint assembly. I took all the
code out except a response.write and that runs on initial load, but
on postback, it just logs me in, obviously not hitting my code at

Didn't find what you were looking for? Find more on Custom Login page Or get search suggestion and latest updates.