This class contains the shared (static) methods that you use in your
custom login page to authenticate a user when using the
FormsAuthenticationModule class. Typically, the first method your login
page uses is the Authenticate( ) method, which compares a supplied user
ID and password against the list of allowed logins defined in the
web.config file. If this method returns True, the information is valid
and you can use the RedirectFromLoginPage( ) method to issue the Forms
cookie and redirect the user to the previously requested page, all at
once. You need to supply the user ID to this method, along with a
Boolean createPersistentCookie parameter. If createPersistentCookie is
set to True, a "permanent" cookie (with an expiration date of fifty
years into the future) will be created so that the user never needs to
log in when they return to the site. This cookie is suitable only for
applications that use authentication for personalization rather than
security.

Other methods you might want to use in this class include SignOut( ),
which removes the current Forms cookie, and SetAuthCookie( ), which
creates the Forms cookie but does not redirect the user. (You could
then retrieve the originally requested URL by using the
GetRedirectUrl( ) method and make a decision about whether to redirect
the user to this page or to a default main page.)

You can also use the GetAuthCookie( ) method, which returns the Forms
cookie as a System.Web.HttpCookie object. In this case, the user is not
authenticated (and won't be able to access other pages in your
application) until the cookie is added to the
System.Web.HttpResponse.Cookies collection. You can work with this
cookie on a lower level by using methods like Decrypt( ).

public sealed class FormsAuthentication {
   // Public Constructors
   public FormsAuthentication( );
   // Public Static Properties
   public static string FormsCookieName {get; }
   public static string FormsCookiePath {get; }
   public static bool RequireSSL {get; }
   public static bool SlidingExpiration {get; }
   // Public Static Methods
   public static bool Authenticate(string name, string password);
   public static FormsAuthenticationTicket Decrypt(string encryptedTicket);
   public static string Encrypt(FormsAuthenticationTicket ticket);
   public static HttpCookie GetAuthCookie(string userName, bool createPersistentCookie);
   public static HttpCookie GetAuthCookie(string userName, bool createPersistentCookie, string strCookiePath);
   public static string GetRedirectUrl(string userName, bool createPersistentCookie);
   public static string HashPasswordForStoringInConfigFile(string password, string passwordFormat);
   public static void Initialize( );
   public static void RedirectFromLoginPage(string userName, bool createPersistentCookie);
   public static void RedirectFromLoginPage(string userName, bool createPersistentCookie, string strCookiePath);
   public static FormsAuthenticationTicket RenewTicketIfOld(FormsAuthenticationTicket tOld);
   public static void SetAuthCookie(string userName, bool createPersistentCookie);
   public static void SetAuthCookie(string userName, bool createPersistentCookie, string strCookiePath);
   public static void SignOut( );
}
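
The login flow described above, written out as an added example (it is not code from the original reference): Authenticate( ), then GetAuthCookie( ) with a session-only cookie that must be added to Response.Cookies, then GetRedirectUrl( ) followed only when it points inside the application. The page class, the control names (txtUser, txtPassword, lblError), the handler name, default.aspx and the IsLocalPath helper are all hypothetical, and the site is assumed to be served over HTTPS.

```csharp
using System;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;

// Code-behind for a hypothetical login.aspx; control names are assumptions.
public class LoginPage : Page
{
    protected TextBox txtUser;
    protected TextBox txtPassword;
    protected Label lblError;

    protected void btnLogin_Click(object sender, EventArgs e)
    {
        string user = txtUser.Text;

        // Compare against the allowed logins defined in web.config.
        if (!FormsAuthentication.Authenticate(user, txtPassword.Text))
        {
            lblError.Text = "Invalid user name or password.";
            return;
        }

        // false = session cookie, not the long-lived "permanent" one.
        HttpCookie cookie = FormsAuthentication.GetAuthCookie(user, false);
        cookie.Secure = true;   // assumption: the site is served over HTTPS

        // The user is not authenticated until the cookie is added here.
        Response.Cookies.Add(cookie);

        // Follow the originally requested URL only when it is a path
        // inside this site; otherwise fall back to a default page.
        string target = FormsAuthentication.GetRedirectUrl(user, false);
        if (!IsLocalPath(target))
        {
            target = ResolveUrl("~/default.aspx");   // hypothetical page
        }
        Response.Redirect(target, true);
    }

    // Accept "/path"; reject "//host", "/\host" and absolute URLs.
    private static bool IsLocalPath(string url)
    {
        if (url == null || url.Length < 1 || url[0] != '/') return false;
        if (url.Length > 1 && (url[1] == '/' || url[1] == '\\')) return false;
        return true;
    }
}
```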