Step 4 - Displaying a Login Form

When you create a new Web Forms application, a Login Form is automatically created for you. By default, it's a simple form with just a few controls, but you can enhance it to your heart's content:

In an MM .NET Web Forms application, you can specify that a form requires a user to log in before accessing the page. If an unauthenticated user (one that hasn't logged in yet) tries to access the form, they are redirected to the login form first. Once a user is authenticated, they are then redirected to the page they originally requested.

To specify that a form requires the user to log in, set its RequiresSecurity property to true. For details, see the Help topic Securing Forms.

Displaying Login Confirmation

After a user has been authenticated, they are redirected to the page they originally requested. Optionally, you can display a login confirmation message that is displayed after the user has been successfully authenticated and before they are redirected back to the original page:

If you want to display this login confirmation message, set your application's UserLogin form DisplayLoginConfirmation property to true.

For example, in C#:

private void Page_Load(object sender, System.EventArgs e)
{
	this.DisplayLoginConfirmation = true;
}

And in VB .NET:

Private Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
    Me.DisplayLoginConfirmation = True
End Sub

Alternately, you can set the DisplayLoginConfirmation property in the Properties Window.

User Login Session Variables

After a user has successfully logged in, the user's primary key is stored in the mmUserSecurity_UserPk session variable. You can retrieve this information as follows:

object UserPk = Session["mmUserSecurity_UserPk"];

And in VB .NET:

Dim UserPk As Object = Session("mmUserSecurity_UserPk")

Using the HookUserAuthenticated Method

At times you may want to perform additional processing when a user has been authenticated. The HookUserAuthenticated method provides a hook into which you can place code to be executed after a user's login credentials (such as user ID and password) are authenticated. You can add an override of this method to your application-level login form and place processing code in this method.

For example, in C#:

public override void HookUserAuthenticated(object userPK)
{
	// TODO: Additional processing code
}

And in VB .NET:

Public Overrides Sub HookUserAuthenticated(userPK As Object)
	' TODO: Additional processing code
End Sub

See also:
Step 5 - Displaying the Web Administration Form | Securing Forms

© (c) 2026 Oak Leaf Enterprises, Inc., 1996-2026 • Updated: 04/26/18
Comment or report problem with topic