Export (0) Print
Expand All

Roles.CookieProtectionValue Property

Gets a value that indicates how role names cached in a cookie are protected.

Namespace:  System.Web.Security
Assembly:  System.Web (in System.Web.dll)

public static CookieProtection CookieProtectionValue { get; }

Property Value

Type: System.Web.Security.CookieProtection
One of the CookieProtection enumeration values indicating how role names that are cached in a cookie are protected. The default is All.

You can specify the protection of the cookie where roles are cached for your application by setting the cookieProtection attribute in the Web.config file for your ASP.NET application. The cookieProtection attribute takes a CookieProtection enumeration value that indicates whether the role names are encrypted, validated, both, or neither.

The following example shows the roleManager element in the system.web section of the Web.config file for an ASP.NET application. It specifies that the application uses a SqlRoleProvider instance and sets cookieProtection attribute to Encrypted.

<roleManager defaultProvider="SqlProvider" 
  enabled="true"
  cacheRolesInCookie="true"
  cookieName=".ASPROLES"
  cookieTimeout="30"
  cookiePath="/MyApplication"
  cookieRequireSSL="false"
  cookieSlidingExpiration="true"
  cookieProtection="Encrypted" >
  <providers>
    <add
      name="SqlProvider"
      type="System.Web.Security.SqlRoleProvider"
      connectionStringName="SqlServices"
      applicationName="MyApplication" />
  </providers>
</roleManager>

.NET Framework

Supported in: 4.5, 4, 3.5, 3.0, 2.0

Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Show:
© 2014 Microsoft