Export (0) Print
Expand All

WebAuthenticationSuccessAuditEvent Class

Provides information about successful authentication events.

Namespace:  System.Web.Management
Assembly:  System.Web (in System.Web.dll)

public class WebAuthenticationSuccessAuditEvent : WebSuccessAuditEvent

The WebAuthenticationSuccessAuditEvent type exposes the following members.

  NameDescription
Protected methodWebAuthenticationSuccessAuditEvent(String, Object, Int32, String)Infrastructure. Initializes the WebAuthenticationSuccessAuditEvent class using the supplied parameters.
Protected methodWebAuthenticationSuccessAuditEvent(String, Object, Int32, Int32, String)Initializes the WebSuccessAuditEvent class using the supplied parameters.
Top

  NameDescription
Public propertyEventCodeGets the code value associated with the event. (Inherited from WebBaseEvent.)
Public propertyEventDetailCodeGets the event detail code. (Inherited from WebBaseEvent.)
Public propertyEventIDGets the identifier associated with the event. (Inherited from WebBaseEvent.)
Public propertyEventOccurrenceGets a counter that represents the number of times the event has occurred. (Inherited from WebBaseEvent.)
Public propertyEventSequenceGets the number of times the event has been raised by the application. (Inherited from WebBaseEvent.)
Public propertyEventSourceGets the object that raises the event. (Inherited from WebBaseEvent.)
Public propertyEventTimeGets the time when the event was raised. (Inherited from WebBaseEvent.)
Public propertyEventTimeUtcGets the time when the event was raised. (Inherited from WebBaseEvent.)
Public propertyMessageGets the message that describes the event. (Inherited from WebBaseEvent.)
Public propertyNameToAuthenticateGets the name of the authenticated user.
Public propertyProcessInformationGets information about the ASP.NET application-hosting process. (Inherited from WebManagementEvent.)
Public propertyRequestInformationGet the information associated with the Web request. (Inherited from WebAuditEvent.)
Top

  NameDescription
Public methodEquals(Object)Determines whether the specified object is equal to the current object. (Inherited from Object.)
Protected methodFinalizeAllows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.)
Public methodFormatCustomEventDetailsProvides standard formatting of the event information. (Inherited from WebBaseEvent.)
Public methodGetHashCodeServes as the default hash function. (Inherited from Object.)
Public methodGetTypeGets the Type of the current instance. (Inherited from Object.)
Protected methodIncrementPerfCountersInfrastructure. Increments the Audit Success Events Raised performance counter. (Inherited from WebSuccessAuditEvent.)
Protected methodMemberwiseCloneCreates a shallow copy of the current Object. (Inherited from Object.)
Public methodRaise()Raises an event by notifying any configured provider that the event has occurred. (Inherited from WebBaseEvent.)
Public methodToString()Formats event information for display purposes. (Inherited from WebBaseEvent.)
Public methodToString(Boolean, Boolean)Formats event information for display purposes. (Inherited from WebBaseEvent.)
Top

ASP.NET health monitoring allows production and operations staff to manage deployed Web applications. The System.Web.Management namespace contains the health-event types responsible for packaging application health-status data and the provider types responsible for processing this data. It also contains supporting types that help during the management of health events.

The following list describes the features for which ASP.NET raises events of type WebAuthenticationSuccessAuditEvent.

NoteNote

By default ASP.NET is configured to log audit failure conditions only, as logging success conditions can severely strain system resources. You can always configure the system to log the success conditions.

  • Forms Authentication. Successful conditions are audited. Success audits include the user name that was authenticated. Instead, failure audits do not include the user name, since they typically result from a ticket that failed decryption or validation. Both contain the client IP address. The related event audit code is AuditFormsAuthenticationSuccess.

  • Membership. Successful conditions are audited. Both success and failure audits contain the username that was attempted. Neither form of audit will contain the password that was attempted, because that would risk persisting a valid password in the log. The related event audit code is AuditMembershipAuthenticationSuccess.

When a WebAuthenticationSuccessAuditEvent is raised, by default it updates the Authentication Success Events Raised performance counter. To view this performance counter in System Monitor (PerfMon), in the Add Counters window select ASP.NET in the Performance object drop-down list, select the Authentication Success Events Raised performance counter, and click the Add button. For more information, see Using the System Monitor (PerfMon) with ASP.NET Applications on MSDN.

NoteNote

In most cases you will be able to use the ASP.NET health-monitoring types as implemented, and you will control the health-monitoring system by specifying values in the healthMonitoring configuration section. You can also derive from the health-monitoring types to create your own custom events and providers. For an example of deriving from the WebBaseEvent class, see the example provided in this topic.

This code example has two parts: a configuration-file excerpt, followed by code that shows how to customize the WebAuthenticationSuccessAuditEvent event.

This following is an excerpt of the configuration file's provider and eventMappings sections. They are already set by default. The only thing you need to do is to provide the setup for the rules element in the healthMonitoring section.

<healthMonitoring
  enabled="true"
  heartBeatInterval="0">

    <providers>
      // Configure the provider to process 
      // the health events.
      <add name="EventLogProvider"
         type="System.Web.Management.EventLogWebEventProvider,
         System.Web,Version=2.0.3600.0,Culture=neutral,
         PublicKeyToken=b03f5f7f11d50a3a"/>
    </providers>
    
    <eventMappings>
       <clear />
       // Configure the custom event 
       // to handle the audit events. 
        <add name="SampleWebAuthenticationSuccessAuditEvent" 
          type="SamplesAspNet.SampleWebAuthenticationSuccessAuditEvent,
          webauthsuccessaudit, Version=1.0.1735.23144, Culture=neutral, 
          PublicKeyToken=dd969eda3f3f6ae1, processorArchitecture=MSIL" />
         
     </eventMappings>
     <rules>
       <clear/>
       // Establish the connection between custom event 
       // and the provider that must process it.
      <add name="Log Authentication Success Audits" 
        eventName="SampleWebAuthenticationFailureAuditEvent"
        provider="EventLogProvider" 
        profile="Custom" />\
     </rules>

</healthMonitoring>

The following code shows how to customize the WebAuthenticationSuccessAuditEvent event.


using System;
using System.Text;
using System.Web;
using System.Web.Management;

namespace SamplesAspNet
{
    // Implements a custom WebAuthenticationSuccessAuditEvent class.  
    public class SampleWebAuthenticationSuccessAuditEvent : 
        System.Web.Management.WebAuthenticationSuccessAuditEvent
    {
        private string customCreatedMsg, customRaisedMsg;


        // Invoked in case of events identified only by their event code. 
        public SampleWebAuthenticationSuccessAuditEvent(
            string msg, object eventSource, 
            int eventCode, string userName):
        base(msg, eventSource, eventCode, userName)
        {
            // Perform custom initialization.
            customCreatedMsg =
                string.Format("Event created at: {0}",
                DateTime.Now.TimeOfDay.ToString());
        }


        // Invoked in case of events identified by their event code.and  
        // event detailed code. 
        public SampleWebAuthenticationSuccessAuditEvent(
            string msg, object eventSource,
            int eventCode, int detailedCode, string userName):
        base(msg, eventSource, eventCode, detailedCode, userName)
        {
            // Perform custom initialization.
            customCreatedMsg =
            string.Format("Event created at: {0}",
                DateTime.Now.TimeOfDay.ToString());
        }



        // Raises the SampleWebAuthenticationSuccessAuditEvent. 
        public override void Raise()
        {
            // Perform custom processing.
            customRaisedMsg =
                string.Format("Event raised at: {0}", 
                DateTime.Now.TimeOfDay.ToString());

            // Raise the event.
            WebBaseEvent.Raise(this);
        }


        // Obtains the current thread information. 
        public WebRequestInformation GetRequestInformation()
        {
            // No customization is allowed. 
            return RequestInformation;
        }


        //Formats Web request event information. 
        //This method is invoked indirectly by the provider  
        //using one of the overloaded ToString methods. 
        public override void FormatCustomEventDetails(WebEventFormatter formatter)
        {
            base.FormatCustomEventDetails(formatter);

            // Add custom data.
            formatter.AppendLine("");

            formatter.IndentationLevel += 1;
            formatter.AppendLine(
                "* SampleWebAuthenticationSuccessAuditEvent Start *");
            formatter.AppendLine(string.Format("Request path: {0}",
                RequestInformation.RequestPath));
            formatter.AppendLine(string.Format("Request Url: {0}",
                RequestInformation.RequestUrl));

            // Display custom event timing.
            formatter.AppendLine(customCreatedMsg);
            formatter.AppendLine(customRaisedMsg);

            formatter.AppendLine(
                "* SampleWebAuthenticationSuccessAuditEvent End *");

            formatter.IndentationLevel -= 1;

        }
    }

}

.NET Framework

Supported in: 4.6, 4, 3.5, 3.0, 2.0

Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
Show:
© 2014 Microsoft