www.gibmonks.com

Main Page

  Previous Section Next Section

FormsAuthentication

System.Web.Security (system.web.dll)sealed class

This class contains the shared (static) methods that you use in your custom login page to authenticate a user when using the FormsAuthenticationModule class. Typically, the first method your login page uses is the Authenticate( ) method, which compares a supplied user ID and password against the list of allowed logins defined in the web.config file. If this method returns True, the information is valid and you can use the RedirectFromLoginPage( ) method to issue the Forms cookie and redirect the user to the previously requested page, all at once. You need to supply the user ID to this method, along with a Boolean createPersistentCookie parameter. If createPersistentCookie is set to True, a "permanent" cookie (with an expiration date of fifty years into the future) will be created so that the user never needs to log in when they return to the site. This cookie is suitable only for applications that use authentication for personalization rather than security.

Other methods you might want to use in this class include SignOut( ), which removes the current Forms cookie, and SetAuthCookie( ), which creates the Forms cookie but does not redirect the user. (You could then retrieve the original requested URL by using the GetRedirectUrl( ) method and make a decision about whether to redirect the user to this page or to a default main page.)

You can also use the GetAuthCookie( ) method, which returns the Forms cookie as a System.Web.HttpCookie object. In this case, the user is not authenticated (and won't be able to access other pages in your application) until the cookie is added to the System.Web.HttpResponse.Cookies collection. You can work with this cookie on a lower level by using methods like Decrypt( ).

public sealed class FormsAuthentication {
// Public Constructors
   public FormsAuthentication( );
// Public Static Properties
   public static string FormsCookieName{get; }
   public static string FormsCookiePath{get; }
   public static bool RequireSSL{get; }
   public static bool SlidingExpiration{get; }
// Public Static Methods
   public static bool Authenticate(string name, string password);
   public static FormsAuthenticationTicket Decrypt(string encryptedTicket);
   public static string Encrypt(FormsAuthenticationTicket ticket);
   public static HttpCookie GetAuthCookie(string userName, bool createPersistentCookie);
   public static HttpCookie GetAuthCookie(string userName, bool createPersistentCookie, string strCookiePath);
   public static string GetRedirectUrl(string userName, bool createPersistentCookie);
   public static string HashPasswordForStoringInConfigFile(string password, string passwordFormat);
   public static void Initialize( );
   public static void RedirectFromLoginPage(string userName, bool createPersistentCookie);
   public static void RedirectFromLoginPage(string userName, bool createPersistentCookie, string strCookiePath);
   public static FormsAuthenticationTicket RenewTicketIfOld(FormsAuthenticationTicket tOld);
   public static void SetAuthCookie(string userName, bool createPersistentCookie);
   public static void SetAuthCookie(string userName, bool createPersistentCookie, string strCookiePath);
   public static void SignOut( );
}
      Previous Section Next Section