FormsAuthentication.Encrypt Method
Creates a string containing an encrypted forms-authentication ticket suitable for use in an HTTP cookie.
Assembly: System.Web (in System.Web.dll)
Parameters
- ticket
- Type: System.Web.Security.FormsAuthenticationTicket
The FormsAuthenticationTicket object with which to create the encrypted forms-authentication ticket.
| Exception | Condition |
|---|---|
| ArgumentNullException | ticket is null. |
The following code example stores the result of the Encrypt method in a cookie by using the FormsCookieName property and redirects the user to the URL returned from the GetRedirectUrl method.
 Security Note |
|---|
This example contains a text box that accepts user input, which is a potential security threat. By default, ASP.NET Web pages validate that user input does not include script or HTML elements. For more information, see Script Exploits Overview. |
<%@ Page Language="C#" %> <%@ Import Namespace="System.Web.Security" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <script runat="server"> private void Login_Click(Object sender, EventArgs e) { // Create a custom FormsAuthenticationTicket containing // application specific data for the user. string username = UserNameTextBox.Text; string password = UserPassTextBox.Text; bool isPersistent = false; if (Membership.ValidateUser(username, password)) { string userData = "ApplicationSpecific data for this user."; FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, username, DateTime.Now, DateTime.Now.AddMinutes(30), isPersistent, userData, FormsAuthentication.FormsCookiePath); // Encrypt the ticket. string encTicket = FormsAuthentication.Encrypt(ticket); // Create the cookie. Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket)); // Redirect back to original URL. Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent)); } else { Msg.Text = "Login failed. Please check your user name and password and try again."; } } </script> <html xmlns="http://www.w3.org/1999/xhtml" > <head> <title>Forms Authentication Login</title> </head> <body> <form id="form1" runat="server"> <span style="BACKGROUND: #80ff80; font-weight:bold"> Login Page </span> <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br /> <table border="0"> <tbody> <tr> <td>Username:</td> <td><asp:TextBox id="UserNameTextBox" runat="server" /></td> <td> <asp:RequiredFieldValidator id="RequiredFieldValidator1" runat="server" ErrorMessage="*" Display="Static" ControlToValidate="UserNameTextBox" /> </td> </tr> <tr> <td>Password:</td> <td><asp:TextBox id="UserPassTextBox" TextMode="Password" runat="server" /></td> <td> <asp:RequiredFieldValidator id="RequiredFieldValidator2" runat="server" ErrorMessage="*" Display="Static" ControlToValidate="UserPassTextBox" /> </td> </tr> </tbody> </table> <input type="submit" value="Login" runat="server" onserverclick="Login_Click" /> </form> </body> </html>
Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2
The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.
