Sets the identity of the user for an ASP.NET application when forms authentication is enabled. This class cannot be inherited.
(in System.Web.dll)
Visual Basic (Declaration)
<AspNetHostingPermissionAttribute(SecurityAction.LinkDemand, Level := AspNetHostingPermissionLevel.Minimal)> _
Public NotInheritable Class FormsAuthenticationModule _
Implements IHttpModule
Dim instance As FormsAuthenticationModule
[AspNetHostingPermissionAttribute(SecurityAction.LinkDemand, Level = AspNetHostingPermissionLevel.Minimal)]
public sealed class FormsAuthenticationModule : IHttpModule
[AspNetHostingPermissionAttribute(SecurityAction::LinkDemand, Level = AspNetHostingPermissionLevel::Minimal)]
public ref class FormsAuthenticationModule sealed : IHttpModule
public final class FormsAuthenticationModule implements IHttpModule
The FormsAuthenticationModule sets the current HttpContext..::.User property to an IPrincipal object that represents the user identity for the current request when the authentication Mode is set to Forms in the authentication Element (ASP.NET Settings Schema) element of the application's configuration file.
The FormsAuthenticationModule exposes an Authenticate event that enables you to provide a custom IPrincipal object for the User property of the current HttpContext. The Authenticate event is accessed by specifying a subroutine named FormsAuthentication_OnAuthenticate in the Global.asax file for your ASP.NET application.
The following example uses the FormsAuthentication_OnAuthenticate event to set the User property of the current HttpContext to a custom IPrincipal object.
Public Sub FormsAuthentication_OnAuthenticate(sender As Object, _
args As FormsAuthenticationEventArgs)
If FormsAuthentication.CookiesSupported Then
If Not Request.Cookies(FormsAuthentication.FormsCookieName) Is Nothing Then
Try
Dim ticket As FormsAuthenticationTicket = FormsAuthentication.Decrypt( _
Request.Cookies(FormsAuthentication.FormsCookieName).Value)
args.User = New System.Security.Principal.GenericPrincipal( _
New Samples.AspNet.Security.MyFormsIdentity(ticket), _
New String(0) {})
Catch e As HttpException
' Decrypt method failed.
End Try
End If
Else
Throw New Exception("Cookieless Forms Authentication is not " & _
"supported for this application.")
End If
End Sub
public void FormsAuthentication_OnAuthenticate(object sender, FormsAuthenticationEventArgs args)
{
if (FormsAuthentication.CookiesSupported)
{
if (Request.Cookies[FormsAuthentication.FormsCookieName] != null)
{
try
{
FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(
Request.Cookies[FormsAuthentication.FormsCookieName].Value);
args.User = new System.Security.Principal.GenericPrincipal(
new Samples.AspNet.Security.MyFormsIdentity(ticket),
new string[0]);
}
catch (Exception e)
{
// Decrypt method failed.
}
}
}
else
{
throw new HttpException("Cookieless Forms Authentication is not " +
"supported for this application.");
}
}
System..::.Object
System.Web.Security..::.FormsAuthenticationModule
Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
Windows 7, Windows Vista, Windows XP SP2, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP Starter Edition, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows Server 2000 SP4, Windows Millennium Edition, Windows 98
The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.
.NET Framework
Supported in: 3.5, 3.0, 2.0, 1.1, 1.0
Reference
Other Resources