FormsAuthenticationCredentials Class

Configures user credentials for ASP.NET applications that use form-based authentication.

Namespace:  System.Web.Configuration
Assembly:  System.Web (in System.Web.dll)

public sealed class FormsAuthenticationCredentials : ConfigurationElement

The FormsAuthenticationCredentials class provides a way to programmatically access and modify the credentials element of a forms section in the authentication section of the configuration file. This type is part of a group that includes the FormsAuthenticationConfiguration, the FormsAuthenticationUserCollection, and the FormsAuthenticationUser types. With the exception of the collection type, all the others directly affect the underlying configuration tags.

NoteNote:

The FormsAuthenticationCredentials can write information into the related section of the configuration file according to the restrictions defined by MachineToApplication. Any attempt to write in a configuration file at a level not allowed in the hierarchy will result in an error message generated by the parser. However, you can use this class to read configuration information at any level in the hierarchy. For safety and scalability, it is recommended that you use an external repository, such as a database, to keep the users' credentials.

This example demonstrates how to specify values declaratively for several attributes of the credentials section, which can also be accessed as members of the FormsAuthenticationCredentials class.

The following configuration file example shows how to specify values declaratively for the credentials section.

<credentials passwordFormat="SHA1">
  <user name="aspnetuser1"
    password="5BAA61E4C9B93F3F0682250B6CF8331B7EE68FD8"/>
  <user name="aspnetuser2"
    password="E38AD214943DAAD1D64C102FAEC29DE4AFE9DA3D"/>
</credentials>
NoteNote:

If you use the credentials section, be sure to follow the guidelines explained at ASP.NET Authentication. For scalability and better security, it is recommended that you use an external database to store the users' credentials. For more information about building secure ASP.NET applications, search the Microsoft MSDN Web site (http://msdn.microsoft.com) for "Securing Your ASP.NET Application" and "Building Secure ASP.NET Applications: Authentication, Authorization, and Secure Communication."

The following code example demonstrates how to use the FormsAuthenticationCredentials class.

// Get the Web application configuration.
System.Configuration.Configuration configuration = 
    WebConfigurationManager.OpenWebConfiguration("/aspnetTest");

// Get the authentication section.
AuthenticationSection authenticationSection = 
    (AuthenticationSection)configuration.GetSection(
    "system.web/authentication");

// Get the forms credentials collection .
FormsAuthenticationCredentials formsAuthenticationCredentials =
    authenticationSection.Forms.Credentials;

System.Object
  System.Configuration.ConfigurationElement
    System.Web.Configuration.FormsAuthenticationCredentials

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Windows 7, Windows Vista, Windows XP SP2, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP Starter Edition, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows Server 2000 SP4, Windows Millennium Edition, Windows 98

The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

.NET Framework

Supported in: 3.5, 3.0, 2.0
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft