Skip to main content
.NET 8.0+

XafApplication.LastLogonParametersWriting Event

Occurs before saving the logon Window‘s logon parameters to the settings storage.

Namespace: DevExpress.ExpressApp

Assembly: DevExpress.ExpressApp.v24.2.dll

NuGet Package: DevExpress.ExpressApp

Declaration

public event EventHandler<LastLogonParametersWritingEventArgs> LastLogonParametersWriting

Event Data

The LastLogonParametersWriting event's data class is LastLogonParametersWritingEventArgs. The following properties provide information specific to this event:

Property Description
DetailView Provides access to the Detail View displayed on the current logon Window.
Handled Gets or sets a value that indicates whether the event handler has completely handled the event or whether the system should continue its own processing. Inherited from HandledEventArgs.
LogonObject Gets the object that specifies the current logon parameters.
SettingsStorage Provides access to the settings storage which is used to save logon parameters.

Remarks

A logon Window contains a View which represents a Security System‘s logon parameters. By default, this View shows the last user’s parameters. To save these parameters, a special storage object is created. In a Windows Forms application, it saves the current logon parameters to the LogonParameters file. In an ASP.NET Web Forms application, it saves them to cookies. By default, the user name is saved.

You can customize the logon parameters to be saved. For this purpose, handle the LastLogonParametersWriting event. This event is raised when the logon is successful. Use the handler’s LastLogonParametersWritingEventArgs.LogonObject parameter to specify the logon parameters to be saved. Save the customized logon parameters via the object specified by the LastLogonParametersWritingEventArgs.SettingsStorage parameter. Set the handler’s Handled parameter to true, to cancel the default operations performed with the settings storage.

An XAF application displays the last authenticated user name in the logon window, by default. So, end-users do not have to retype their user name each time they start the application. But, when the application administrator logs into the application at an end-user workstation to perform administrative tasks, the saved username is rewritten by the administrator’s user name. An end-user will have to type their user name at the next logon. The following example illustrates how to change this behavior, and not save a particular user name.

The Windows Forms application project’s Program.cs (Program.vb in VB) file:

static void Main() {
    // ...
    winApplication.LastLogonParametersWriting += 
        new EventHandler<LastLogonParametersWritingEventArgs>(
            winApplication_LastLogonParametersWriting);
    // ...
    winApplication.Setup();
    winApplication.Start();
    // ...
}
static void winApplication_LastLogonParametersWriting(
    object sender, LastLogonParametersWritingEventArgs e) {
    if(((AuthenticationStandardLogonParameters)e.LogonObject).UserName != "Admin") {
        e.SettingsStorage.SaveOption(
            "", "UserName", ((AuthenticationStandardLogonParameters)e.LogonObject).UserName);
        e.SettingsStorage.SaveOption(
            "", "Password", ((AuthenticationStandardLogonParameters)e.LogonObject).Password);
    }
    e.Handled = true;
}

The ASP.NET Web Forms application project’s Global.asax.cs (Global.asax.vb in VB) file:

protected void Session_Start(object sender, EventArgs e) {
    // ...
    WebApplication.Instance.LastLogonParametersWriting += 
        new EventHandler<LastLogonParametersWritingEventArgs>(
            Instance_LastLogonParametersWriting);
    // ...
    WebApplication.Instance.Setup();
    WebApplication.Instance.Start();
}

private void Instance_LastLogonParametersWriting(
    object sender, LastLogonParametersWritingEventArgs e) {
    if(((AuthenticationStandardLogonParameters)e.LogonObject).UserName != "Admin") {
        e.SettingsStorage.SaveOption(
            "", "UserName", ((AuthenticationStandardLogonParameters)e.LogonObject).UserName);
    }
    e.Handled = true;
}

With the code above, the “Admin” user name will not be saved in the LogonParameters file or in cookies, and the previously saved user name will not be changed. So, end-user will not have to type a user name after the application administrator has logged in to work with the application at the end-user workstation.

Additionally, the password can be saved together with the user name. To enable password saving in the Windows Forms application, add the following code to the LastLogonParametersWriting event handler:

e.SettingsStorage.SaveOption(
    "", "Password", ((AuthenticationStandardLogonParameters)e.LogonObject).Password);

Note

The password is saved to the LogonParameters file as plain text.

End-users can use their browser’s capabilities to save passwords in the ASP.NET Web Forms application.

When using custom logon parameters, you can implement the ICustomObjectSerialize interface. The logon parameters saving and loading can be handled in the ICustomObjectSerialize.ReadPropertyValues and ICustomObjectSerialize.WritePropertyValues methods.

See Also