Authentication for asp.net website without using any database

Is开发者_开发问答 there any way to provide user log-in without the need for a DB. We are deploying a system to control some hardware and the customer wants an interface they can access from a browser, but they also want to provide log-in to prevent just any body from accessing it.

I have no reason for a DB to implement what I need. I would hate to have to install a DB on the box just to provide authentication.

Pretty sure I am going to use a MVC web project.

Using forms authentication you can store the credentials in the config file. Check out this MSDN Link

You can enable authentication via your web config, and specify the users within the same file instead of a database.

An example of this would look like :

<authentication mode="Forms">
<forms loginUrl="MyLoginPage.aspx">
    <credentials passwordFormat="Clear">
        <user name="Darren" password="foobar" />
    </credentials>
</forms>
</authentication>

Then you could use it like

 if (FormsAuthentication.Authenticate (txtUserName.Text, txtPassword.Text)){
FormsAuthentication.RedirectFromLoginPage (txtUserName.Text, False);}

see here for more details

Yes, you can use forms authentication and store the usernames and passwords in the web.config. I wouldn't recommend this approach for anything but the simplest sites.

Have a look at this MSDN article for more info:

http://msdn.microsoft.com/en-us/library/da0adyye.aspx

Sure. For very simple sites you can simply use forms authentication and store usernames/password (encrypted, of course!) in web.config or in a users.xml file.

For larger, more fully-featured sites you can implement a custom membership provider to use whatever backing store you like, or utilise one of the off-the-shelf ones that are out there (such as this xml membership provider).