FormsAuthentication Class in ASP.Net C#

Asp.net, C#, Class, FormsAuthentication | 0 comments
The main application programming interface for interacting with Forms authentication is the FormsAuthentication class. This class supports the following properties:
  • CookieDomain : Returns the domain associated with the authentication cookie.
  • CookieMode : Returns the cookieless authentication mode. Possible values are AutoDetect, UseCookies, UseDeviceProfile, and UseUri.
  • CookiesSupported : Returns true when a browser supports cookies and Forms authentication is configured to use cookies.
  • DefaultUrl : Returns the URL of the page to which a user is redirected after being authenticated.
  • EnableCrossAppRedirects : Returns true when an authentication ticket can be removed from a query string.
  • FormsCookieName : Returns the name of the authentication cookie.
  • FormsCookiePath : Returns the path associated with the authentication cookie.
  • LoginUrl : Returns the URL of the page to which a user is redirected when being authenticated.
  • RequireSSL : Returns True when the authentication cookie must be transmitted with SSL (the Secure Sockets Layer).
  • SlidingExpiration : Returns True when the authentication cookie uses a sliding expiration policy.
These properties return the configuration settings for Forms authentication from the web configuration file.

The FormsAuthentication class supports the following methods:
  • Authenticate : Enables you to validate a username and password against a list of usernames and passwords stored in the web configuration file.
  • Decrypt : Enables you to decrypt an authentication cookie.
  • GetAuthCookie : Enables you to retrieve an authentication cookie.
  • GetRedirectUrl : Enables you to retrieve the path to the original page that caused the redirect to the Login page.
  • HashPasswordForStoringInConfigFile : Enables you to hash a password so that it can be stored in the web configuration file.
  • RedirectFromLoginPage : Enables you to redirect a user back to the original page requested before the user was redirected to the Login page.
  • RedirectToLoginPage : Enables you to redirect the user to the Login page.
  • RenewTicketIfOld : Enables you to update the expiration time of an authentication cookie.
  • SetAuthCookie : Enables you to create and issue an authentication cookie.
  • SignOut : Enables you to remove an authentication cookie and log out a user.
Web.Config

<configuration>
<system.web>
<authentication mode=”Forms”>
<forms>
<credentials passwordFormat=”Clear”>
<user name=”Rajiv” password=”secret” />
<user name=”Manish” password=”secret” />
<user name=”Pinky” password=”secret” />
</credentials>
</forms>
</authentication>
</system.web>
</configuration>

The web configuration file in contains a forms element that contains a credentials element. The credentials element includes a list of usernames and passwords.
Note, that the credentials element includes a passwordFormat attribute that is set to the value Clear. If you prefer, rather than store passwords in clear text, you can store password hash values. That way, anyone working on the web server can’t see everyone else’s passwords. The other two possible values for the passwordFormat attribute are MD5 and SHA1.
Tags: , , ,
Hot on Web:


About author

Newer Post Older Post Home