FormsAuthenticationTicket Class
This page is specific to:.NET Framework Version:1.12.03.03.54.0
.NET Framework Class Library
FormsAuthenticationTicket Class

Provides access to properties and values of the ticket used with forms authentication to identify users. This class cannot be inherited.

Namespace:  System.Web.Security
Assembly:  System.Web (in System.Web.dll)
Syntax
Copy to ClipboardPrint
'Usage

Dim instance As FormsAuthenticationTicket

'Declaration

<SerializableAttribute> _
<AspNetHostingPermissionAttribute(SecurityAction.LinkDemand, Level := AspNetHostingPermissionLevel.Minimal)> _
Public NotInheritable Class FormsAuthenticationTicket
Remarks

The FormsAuthenticationTicket class is used to create an object that represents the authentication ticket that is used by forms authentication to identify an authenticated user. The properties and values of a forms-authentication ticket are converted to and from an encrypted string that is stored in a cookie or in the URL.

The FormsAuthentication class provides an Encrypt method to create a string value that can be stored in a cookie or in the URL from a FormsAuthenticationTicket. The FormsAuthentication class also provides a Decrypt method to create a FormsAuthenticationTicket object from the encrypted authentication ticket retrieved from the forms-authentication cookie or the URL.

The FormsAuthenticationTicket for the current authenticated user can be accessed using the Ticket property of the FormsIdentity class. You can access the current FormsIdentity object by casting the Identity property of the current User as type FormsIdentity.
Examples

The following code example stores the result of the Encrypt method in a cookie using the FormsCookieName and redirects the user to the URL returned from the GetRedirectUrl method.

Security noteSecurity Note:

This example contains a text box that accepts user input, which is a potential security threat. By default, ASP.NET Web pages validate that user input does not include script or HTML elements. For more information, see Script Exploits Overview.

Copy to ClipboardPrint
<%@ Page Language="VB" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

  Private Sub Login_Click(sender As Object, e As EventArgs)

    ' Create a custom FormsAuthenticationTicket containing
    ' application specific data for the user.

    Dim username As String      = UserNameTextBox.Text
    Dim password As String      = UserPassTextBox.Text
    Dim isPersistent As Boolean = PersistCheckBox.Checked

    If Membership.ValidateUser(username, password) Then

      Dim userData As String = "ApplicationSpecific data for this user."

      Dim ticket As FormsAuthenticationTicket = New FormsAuthenticationTicket(1, _
        username, _
        DateTime.Now, _
        DateTime.Now.AddMinutes(30), _
        isPersistent, _
        userData, _
        FormsAuthentication.FormsCookiePath)

      ' Encrypt the ticket.
      Dim encTicket As String = FormsAuthentication.Encrypt(ticket)

      ' Create the cookie.
      Response.Cookies.Add(New HttpCookie(FormsAuthentication.FormsCookieName, encTicket))

      ' Redirect back to original URL.
      Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent))
    Else    
      Msg.Text = "Login failed. Please check your user name and password and try again."
    End If
  End Sub

</script>
<html  >
<head>
    <title>Forms Authentication Login</title>
</head>
<body>
    <form id="form1" runat="server">
        <span style="BACKGROUND:#80ff80; font-weight:bold"> 
          Login Page
        </span> 
        <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />
        <table border="0">
            <tbody>
                <tr>
                    <td>Username:</td>
                    <td><asp:TextBox id="UserNameTextBox" runat="server" /></td>
                    <td>
                      <asp:RequiredFieldValidator id="RequiredFieldValidator1" 
                                                  runat="server" ErrorMessage="*" 
                                                  Display="Static" 
                                                  ControlToValidate="UserNameTextBox" />
                    </td>
                </tr>
                <tr>
                    <td>Password:</td>
                    <td><asp:TextBox id="UserPassTextBox" TextMode="Password" runat="server" /></td>
                    <td>
                      <asp:RequiredFieldValidator id="RequiredFieldValidator2" 
                                                  runat="server" ErrorMessage="*" 
                                                  Display="Static" 
                                                  ControlToValidate="UserPassTextBox" />
                    </td>
                </tr>
                <tr>
                    <td>Check here if this is
                        <span style="text-decoration:underline"> not </span>
                        <br />a public computer:</td>
                    <td><asp:CheckBox id="PersistCheckBox" runat="server" autopostback="true" /></td>
                </tr>
            </tbody>
        </table>
        <input type="submit" value="Login" runat="server" onserverclick="Login_Click" />
    </form>
</body>
</html>
.NET Framework Security
Inheritance Hierarchy
System..::.Object
  System.Web.Security..::.FormsAuthenticationTicket
Thread Safety
Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
Platforms

Windows 7, Windows Vista, Windows XP SP2, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP Starter Edition, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows Server 2000 SP4, Windows Millennium Edition, Windows 98

The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.
Version Information

.NET Framework

Supported in: 3.5, 3.0, 2.0, 1.1, 1.0
See Also

Reference

FormsAuthenticationTicket Members
System.Web.Security Namespace

Other Resources

Forms Authentication Provider
Community Content

Gereksiz Bir Kod Olmus
Added by:aliihsantopuz
Zaten Forms AuthenTicket niye kullaniyoruz biz MemberShip Yapisi yerine kendi Kullanici Yonetimini Yapabilmek icin. ama Burada Membership.ValidateUser classi ile kontrol edilmis kullanici.

Onun icin ben su kodlari yazdim

Yeni Class Olustur. Uyelik Isminde.

public

staticclassUyelik

{

publicstaticbool GecerliKilmaKullanici(string kullaniciAd, string kullaniciSifre)

{

bool sonuc = false;

//Httpcontext.Current.Server.MapPath

string XMLFilePath = HttpContext.Current.Server.MapPath("~/App_Data/KullanicilarDB.xml");

DataSet objDs = newDataSet();

objDs.ReadXml(XMLFilePath);

DataRow[] dRow = objDs.Tables[0].Select("kullaniciAd = '" + kullaniciAd + "' and sifre = '" + kullaniciSifre + "'");

if (dRow.Length > 0)

{

//string roller = dRow[0]["roller"].ToString();

sonuc =

true;

}

return sonuc;

}

© 2009 Microsoft Corporation. All rights reserved.   Terms of Use | Trademarks | Privacy Statement
Page view tracker
Rate the Lightweight library
x
Lightweight builds on ScriptFree (loband) by adding features you've requested: a SearchBox and default code language selection.
Do you like the SearchBox?
Do you like the tabbed code blocks?
How useful is this topic?
Tell us more.
Thanks
x
You're helping to improve MSDN Online.
Feedback
Switch View
x
Classic
Lightweight Beta
ScriptFree
Switch View