This class contains the shared (static) methods that you use in your
custom login page to authenticate a user when using the
FormsAuthenticationModule class. Typically, the
first method your login page uses is the Authenticate(
) method, which compares a supplied user ID and password
against the list of allowed logins defined in the
web.config file. If this method returns
True, the information is valid and you can use the
RedirectFromLoginPage( ) method to issue the Forms
cookie and redirect the user to the previously requested page, all at
once. You need to supply the user ID to this method, along with a
Boolean createPersistentCookie parameter. If
createPersistentCookie is set to
True, a
"permanent" cookie (with an
expiration date of fifty years into the future) will be created so
that the user never needs to log in when they return to the site.
This cookie is suitable only for applications that use authentication
for personalization rather than security.
Other methods you might want to use in this class include
SignOut( ), which removes the current Forms
cookie, and SetAuthCookie( ), which creates the
Forms cookie but does not redirect the user. (You could then retrieve
the original requested URL by using the GetRedirectUrl(
) method and make a decision about whether to redirect the
user to this page or to a default main page.)
You can also use the GetAuthCookie( ) method,
which returns the Forms cookie as a
System.Web.HttpCookie object. In this case, the
user is not authenticated (and won't be able to
access other pages in your application) until the cookie is added to
the System.Web.HttpResponse.Cookies collection.
You can work with this cookie on a lower level by using methods like
Decrypt( ).
public sealed class FormsAuthentication {
// Public Constructors
public
FormsAuthentication ( );
// Public Static Properties
public static string
FormsCookieName {get; }
public static string
FormsCookiePath {get; }
public static bool
RequireSSL {get; }
public static bool
SlidingExpiration {get; }
// Public Static Methods
public static bool
Authenticate (string
name , string
password );
public static FormsAuthenticationTicket
Decrypt (string
encryptedTicket );
public static string
Encrypt (FormsAuthenticationTicket
ticket );
public static HttpCookie
GetAuthCookie (string
userName , bool
createPersistentCookie );
public static HttpCookie
GetAuthCookie (string
userName , bool
createPersistentCookie , string
strCookiePath );
public static string
GetRedirectUrl (string
userName , bool
createPersistentCookie );
public static string
HashPasswordForStoringInConfigFile (string
password , string
passwordFormat );
public static void
Initialize ( );
public static void
RedirectFromLoginPage (string
userName , bool
createPersistentCookie );
public static void
RedirectFromLoginPage (string
userName , bool
createPersistentCookie , string
strCookiePath );
public static FormsAuthenticationTicket
RenewTicketIfOld (FormsAuthenticationTicket
tOld );
public static void
SetAuthCookie (string
userName , bool
createPersistentCookie );
public static void
SetAuthCookie (string
userName , bool
createPersistentCookie , string
strCookiePath );
public static void
SignOut ( );
}