Creating Log-In page connecting Access Database

Log in page with username/password from Access Database

Page 1 of 1

3 Replies - 9957 Views - Last Post: 26 May 2012 - 09:22 AM Rate Topic: -----

#1 nemse  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 5
  • Joined: 07-October 08

Creating Log-In page connecting Access Database

Post icon  Posted 05 December 2008 - 12:50 PM

Hi, I need a help to create a log in Page.

I'm doing my work in VB express 2008. I'm trying to connect it to my access 2007 Database, so a user can log in with ther username and password, if they are using valid username/password.

I've connected my Access 2007 database using Data Source window: data->show data sources->add new data source.
Is this the correct way to connect database for my Log-In page?

I really don't know what to do from here.
Can anyone please guide me?

Here's my code so far, and I've attached my GUI, so you can easily see what I'm trying to do.

Public Class Loginform

	Private Sub LinkLabel1_LinkClicked(ByVal sender As System.Object, ByVal e As System.Windows.Forms.LinkLabelLinkClickedEventArgs) Handles newuserLinkLabel.LinkClicked
		Register.Show()
	End Sub



	Private Sub okButton_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles okButton.Click
		Dim userName As String = usernameTextBox.Text
		Dim password As String = passwordTextBox.Text

		If (userName.Length <> 0) Then
--------------> what code do I need here to check if a user typed the correct username that matches the data in database? ---------------------
		Else
			MessageBox.Show(Me, "Please complete the information.", "Login Error")
		End If
	End Sub

	Private Sub ClearButton_Click_1(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles ClearButton.Click
		Me.usernameTextBox.Text = ""
		Me.passwordTextBox.Text = ""
	End Sub
End Class

Attached image(s)

  • Attached Image

This post has been edited by nemse: 05 December 2008 - 02:05 PM


Is This A Good Question/Topic? 0
  • +

Replies To: Creating Log-In page connecting Access Database

#2 moonlight-mazen  Icon User is offline

  • New D.I.C Head

Reputation: 1
  • View blog
  • Posts: 2
  • Joined: 18-December 08

Re: Creating Log-In page connecting Access Database

Posted 18 December 2008 - 05:48 AM

View Postnemse, on 5 Dec, 2008 - 11:50 AM, said:

Hi, I need a help to create a log in Page.

I'm doing my work in VB express 2008. I'm trying to connect it to my access 2007 Database, so a user can log in with ther username and password, if they are using valid username/password.

I've connected my Access 2007 database using Data Source window: data->show data sources->add new data source.
Is this the correct way to connect database for my Log-In page?

I really don't know what to do from here.
Can anyone please guide me?

Here's my code so far, and I've attached my GUI, so you can easily see what I'm trying to do.

Public Class Loginform

	Private Sub LinkLabel1_LinkClicked(ByVal sender As System.Object, ByVal e As System.Windows.Forms.LinkLabelLinkClickedEventArgs) Handles newuserLinkLabel.LinkClicked
		Register.Show()
	End Sub



	Private Sub okButton_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles okButton.Click
		Dim userName As String = usernameTextBox.Text
		Dim password As String = passwordTextBox.Text

		If (userName.Length <> 0) Then
--------------> what code do I need here to check if a user typed the correct username that matches the data in database? ---------------------
		Else
			MessageBox.Show(Me, "Please complete the information.", "Login Error")
		End If
	End Sub

	Private Sub ClearButton_Click_1(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles ClearButton.Click
		Me.usernameTextBox.Text = ""
		Me.passwordTextBox.Text = ""
	End Sub
End Class




I have the same problem
Was This Post Helpful? 1

#3 modi123_1  Icon User is online

  • Suitor #2
  • member icon



Reputation: 6490
  • View blog
  • Posts: 23,571
  • Joined: 12-June 08

Re: Creating Log-In page connecting Access Database

Posted 18 December 2008 - 11:20 AM

That sounds about right to hooking up to an access database.. the problem with the access database is you will need a 'read only' login to query a table for acceptable entry for the name and password... and I am not sure if what ever security you are trying to enforce cannot be circumvented by just opening up the file in MS Access.

In short - you will need:
1. table with user name and passwords
2. some sort of readonly user id that you can code in to your connection string for the sole purpose of taking the entered user name and password back to the access DB and verifying they can log in.
2.a if they can then go about your program normally.
2.b if they are not supposed to be there do not let them past the screen.
Was This Post Helpful? 0
  • +
  • -

#4 digitaldevelopment  Icon User is offline

  • D.I.C Head

Reputation: 9
  • View blog
  • Posts: 168
  • Joined: 30-April 12

Re: Creating Log-In page connecting Access Database

Posted 26 May 2012 - 09:22 AM

well I had the same problem, and I have been there, done that.
now I did something else, like this:
use this to implement authentication
and to retrieve the information from a database, here is how I did it;
first to retrieve the password stored (prehashed, I'll go in on this later note me if I forget):
    Public Sub QueryUser(selectStatement As String)
        'Declare variables and objects
        Dim strConnectionString As String = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=|DataDirectory|\bedrijf.accdb;Persist Security Info=True;Jet OLEDB:Database Password=miniemen"
        Dim objConnection As New OleDbConnection(strConnectionString)
        Dim strSQL As String = "SELECT naam,password FROM personeel INNER JOIN users ON personeel.personeelnr = users.personeelnr WHERE (personeel.naam = '" & selectStatement & "')"
        Console.WriteLine(strSQL)
        Dim objCommand As New OleDbCommand(strSQL, objConnection)
        Dim objDataAdapter As New OleDbDataAdapter(objCommand)
        Dim objDataTable As New Data.DataTable("personeel")
        Dim objDataRow As DataRow

        Try
            'Open the database connection
            objConnection.Open()
        Catch OleDbExceptionErr As OleDbException
            'Write the exception
            Console.WriteLine(OleDbExceptionErr.Message)
        Catch InvalidOperationExceptionErr As InvalidOperationException
            'Write the exception
            Console.WriteLine(InvalidOperationExceptionErr.Message)
        End Try
        'Declare an OleDbDataReader object
        Dim objDataReader As OleDbDataReader

        Try
            'Execute the SQL text
            objDataReader = objCommand.ExecuteReader()

            'Check to see if we have data
            If objDataReader.HasRows Then
                'Process all rows
                While objDataReader.Read()
                    'Get the data in each column
                    'note to myself: one index for the username loading and one index for the pasword loading
                    usernameQueried = objDataReader.Item(0).ToString
                    passwordQueried = objDataReader.Item(1).ToString
                End While
            End If
            'Close the reader
            objDataReader.Close()

        Catch OleDbExceptionErr As OleDbException
            Console.WriteLine(OleDbExceptionErr.Message)
        End Try
        'Close the database connection
        objConnection.Close()
        'Clean up
        objDataRow = Nothing
        objDataTable.Dispose()
        objDataTable = Nothing
        objDataAdapter.Dispose()
        objDataAdapter = Nothing
        objCommand.Dispose()
        objCommand = Nothing
        objConnection.Dispose()
        objConnection = Nothing
    End Sub

this retrieves the password from table name users.
in another table I have names with an ID linked to it. it retrieves the ID of that name and searches for a password of that ID. that is what is retrieved and compared.
the function to call this query looks like this:
    Public Function GetHashedPassword(ByVal username As String) As String
        username = Trim(username)
        QueryUser(username)
        Return Query.passwordQueried
    End Function

now let's take a look at how to hash the strings so you can place them in your database (this is from a modified snippet) I have it in a module
Imports System.Security
Imports System.IO
Imports System.Security.Cryptography
Imports System.Text

Module createUser
    Enum HashMethod
        MD5
        SHA1
        SHA384
    End Enum

    Function GenerateHashDigest(ByVal source As String, ByVal algorithm As HashMethod) As String
        Dim hashAlgorithm As HashAlgorithm = Nothing
        Select Case algorithm
            Case HashMethod.MD5
                hashAlgorithm = New MD5CryptoServiceProvider
            Case HashMethod.SHA1
                hashAlgorithm = New SHA1CryptoServiceProvider
            Case HashMethod.SHA384
                hashAlgorithm = New SHA384Managed
            Case Else
                MsgBox("error: unknown hash type")
        End Select

        Dim byteValue = Encoding.UTF8.GetBytes(source)
        Dim hashValue = hashAlgorithm.ComputeHash(byteValue)
        Return Convert.ToBase64String(hashValue)
    End Function
End Module

now the login:
I have a class Iprincipal:
Public Class IPrincipal
    Implements System.Security.Principal.IPrincipal

    Private identityValue As classIdentity

    Public ReadOnly Property Identity() As System.Security.Principal.IIdentity Implements System.Security.Principal.IPrincipal.Identity
        Get
            Return identityValue
        End Get
    End Property

    Public Function IsInRole(ByVal role As String) As Boolean Implements System.Security.Principal.IPrincipal.IsInRole
        Return role = identityValue.Role.ToString
    End Function

    Public Sub New(ByVal name As String, ByVal password As String)
        identityValue = New classIdentity(name, password)
    End Sub

End Class

and a class classIdentity:
Public Class classIdentity
    Implements System.Security.Principal.IIdentity

    Private nameValue As String
    Private authenticatedValue As Boolean
    Public roleValue As ApplicationServices.BuiltInRole

    Public ReadOnly Property AuthenticationType() As String Implements System.Security.Principal.IIdentity.AuthenticationType
        Get
            Return "Custom Authentication"
        End Get
    End Property

    Public ReadOnly Property IsAuthenticated() As Boolean Implements System.Security.Principal.IIdentity.IsAuthenticated
        Get
            Return authenticatedValue
        End Get
    End Property

    Public ReadOnly Property Name() As String Implements System.Security.Principal.IIdentity.Name
        Get
            Return nameValue
        End Get
    End Property

    Public ReadOnly Property Role() As ApplicationServices.BuiltInRole
        Get
            Return roleValue
        End Get
    End Property

    Public Sub New(ByVal name As String, ByVal password As String)
        ' The name is not case sensitive, but the password is.
        If IsValidNameAndPassword(name, password) Then
            nameValue = name.ToLower()
            authenticatedValue = True
            If name = "william" Then
                roleValue = ApplicationServices.BuiltInRole.SystemOperator
            ElseIf name = "lenni" Then
                roleValue = ApplicationServices.BuiltInRole.SystemOperator
            ElseIf name = "kevin" Then
                roleValue = ApplicationServices.BuiltInRole.SystemOperator
            ElseIf name = "antonk" Then
                roleValue = ApplicationServices.BuiltInRole.SystemOperator
            ElseIf name = "wannes" Then
                roleValue = ApplicationServices.BuiltInRole.Administrator
            ElseIf name = "jente" Then
                roleValue = ApplicationServices.BuiltInRole.SystemOperator
            ElseIf name = "dennis" Then
                roleValue = ApplicationServices.BuiltInRole.SystemOperator
            ElseIf name = "ruben" Then
                roleValue = ApplicationServices.BuiltInRole.SystemOperator
            ElseIf name = "jonut" Then
                roleValue = ApplicationServices.BuiltInRole.SystemOperator
            ElseIf name = "hans" Then
                roleValue = ApplicationServices.BuiltInRole.SystemOperator
            ElseIf name = "antonv" Then
                roleValue = ApplicationServices.BuiltInRole.SystemOperator
            ElseIf name = "ian" Then
                roleValue = ApplicationServices.BuiltInRole.SystemOperator
            ElseIf name = "nico" Then
                roleValue = ApplicationServices.BuiltInRole.SystemOperator
            ElseIf name = "glenn" Then
                roleValue = ApplicationServices.BuiltInRole.SystemOperator
            ElseIf name = "kristof" Then
                roleValue = ApplicationServices.BuiltInRole.PowerUser
            ElseIf name = "paul" Then
                roleValue = ApplicationServices.BuiltInRole.PowerUser
            ElseIf name = "patrick" Then
                roleValue = ApplicationServices.BuiltInRole.PowerUser
            End If
        End If
    End Sub

    Private Function IsValidNameAndPassword(
        ByVal username As String,
        ByVal password As String) As Boolean
        ' Look up the stored hashed password and salt for the username.
        Dim storedHashedPW As String = GetHashedPassword(username)
        Dim salt As String = GetSalt(username)

        'Create the salted hash.
        Dim rawSalted As String = salt & Trim(password)
        Dim saltedPwBytes() As Byte =
            System.Text.Encoding.Unicode.GetBytes(rawSalted)
        Dim sha1 As New System.Security.Cryptography.
            SHA1CryptoServiceProvider
        Dim hashedPwBytes() As Byte = sha1.ComputeHash(saltedPwBytes)
        Dim hashedPw As String = Convert.ToBase64String(hashedPwBytes)
        Return hashedPw = storedHashedPW
    End Function

    Private Function GetSalt(ByVal username As String) As String
        Return "Should be a different random value for each user"
    End Function
    Public Function GetHashedPassword(ByVal username As String) As String
        username = Trim(username)
        QueryUser(username)
        Return Query.passwordQueried
    End Function
End Class

(this contains some hardcoded parts so you'll need to modify a bit)
then take a standard login screen and use this code:
Public Class login
    Private Sub OK_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles OK.Click
        Dim samplePrincipal As New IPrincipal(
            Me.UsernameTextBox.Text, Me.PasswordTextBox.Text)
        Me.PasswordTextBox.Text = ""
        If (Not samplePrincipal.Identity.IsAuthenticated) Then
            ' The user is still not validated.
            MsgBox("The username and/or password pair is incorrect")
            fillAll.SetError(UsernameTextBox, "please check again")
        Else
            ' Update the current principal.
            My.User.CurrentPrincipal = samplePrincipal
            main_menu.Show()
            Me.Close()
        End If
    End Sub

    Private Sub Cancel_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Cancel.Click
        Me.Close()
    End Sub

    Private Sub login_Load(sender As Object, e As EventArgs) Handles MyBase.Load
        Me.ShowInTaskbar = False
        Me.CenterToScreen()
    End Sub
End Class

in the main menu (that opens after the login is successfull) you need two labels (described in the link at the beginning about authentication)
    Private Sub main_menu_Load(sender As Object, e As EventArgs) Handles MyBase.Load
        Me.CenterToScreen()
        Me.FormBorderStyle = Windows.Forms.FormBorderStyle.FixedSingle
        ' Check if the user was authenticated.
        If My.User.IsAuthenticated Then
            Me.lblUser.Text = "Authenticated " & My.User.Name
        Else
            Me.lblUser.Text = "User not authenticated"
            btnLogout.Visible = False
        End If
        mainRole()
    End Sub

if I forgot something or something doesn't work, please note me and I'll reply as fast as I can
Was This Post Helpful? 0
  • +
  • -
Page 1 of 1