提供对票证的属性和值的访问,这些票证用于 Forms 身份验证对用户进行标识。无法继承此类。
命名空间:System.Web.Security
程序集:System.Web(在 system.web.dll 中)
<SerializableAttribute> _
Public NotInheritable Class FormsAuthenticationTicket
Dim instance As FormsAuthenticationTicket
[SerializableAttribute]
public sealed class FormsAuthenticationTicket
[SerializableAttribute]
public ref class FormsAuthenticationTicket sealed
/** @attribute SerializableAttribute() */
public final class FormsAuthenticationTicket
SerializableAttribute
public final class FormsAuthenticationTicket
FormsAuthenticationTicket 类用于创建表示身份验证票证的对象,Forms 身份验证使用这些票证来标识已经过身份验证的用户。Forms 身份验证票证的属性和值将转换为加密字符串存储在 Cookie 或 URL 中;这些加密字符串也会转换回票证的属性和值。
FormsAuthentication 类提供了 Encrypt 方法,用于从 FormsAuthenticationTicket 创建一个可存储在 Cookie 或 URL 中的字符串值。FormsAuthentication 类还提供了一个 Decrypt 方法,用于从检索自 Forms 身份验证 Cookie 或 URL 的加密身份验证票证创建一个 FormsAuthenticationTicket 对象。
可以使用 FormsIdentity 类的 Ticket 属性访问当前经过身份验证的用户的 FormsAuthenticationTicket。通过将当前 User 的 Identity 属性强制转换为类型 FormsIdentity,可以访问当前 FormsIdentity 对象。
下面的代码示例使用 FormsCookieName 将 Encrypt 方法的结果存储在 Cookie 中,并将用户重定向到从 GetRedirectUrl 方法返回的 URL。
<%@ Page Language="VB" %>
<%@ Import Namespace="System.Web.Security" %>
<script runat="server">
Private Sub Login_Click(sender As Object, e As EventArgs)
' Create a custom FormsAuthenticationTicket containing
' application specific data for the user.
Dim username As String = UserNameTextBox.Text
Dim password As String = UserPassTextBox.Text
Dim isPersistent As Boolean = PersistCheckBox.Checked
If Membership.ValidateUser(username, password) Then
Dim userData As String = "ApplicationSpecific data for this user."
Dim ticket As FormsAuthenticationTicket = New FormsAuthenticationTicket(1, _
username, _
DateTime.Now, _
DateTime.Now.AddMinutes(30), _
isPersistent, _
userData, _
FormsAuthentication.FormsCookiePath)
' Encrypt the ticket.
Dim encTicket As String = FormsAuthentication.Encrypt(ticket)
' Create the cookie.
Response.Cookies.Add(New HttpCookie(FormsAuthentication.FormsCookieName, encTicket))
' Redirect back to original URL.
Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent))
Else
Msg.Text = "Login failed. Please check your user name and password and try again."
End If
End Sub
</script>
<html>
<head>
<title>Forms Authentication Login</title>
</head>
<body>
<form runat="server">
<span style="BACKGROUND: #80ff80">
<h3>Login Page</h3>
</span>
<asp:Label id="Msg" ForeColor="maroon" runat="server" /><P>
<table border=0>
<tbody>
<tr>
<td>Username:</td>
<td><asp:TextBox id="UserNameTextBox" type="text" runat="server" /></td>
<td>
<asp:RequiredFieldValidator id="RequiredFieldValidator1"
runat="server" ErrorMessage="*"
Display="Static"
ControlToValidate="UserNameTextBox" />
</td>
</tr>
<tr>
<td>Password:</td>
<td><asp:TextBox id="UserPassTextBox" TextMode="Password" runat="server" /></td>
<td>
<asp:RequiredFieldValidator id="RequiredFieldValidator2"
runat="server" ErrorMessage="*"
Display="Static"
ControlToValidate="UserPassTextBox" />
</td>
</tr>
<tr>
<td>Check here if this is <u>not</u><br>a public computer:</td>
<td><asp:CheckBox id="PersistCheckBox" runat="server" autopostback="true" /></td>
</tr>
</tbody>
</table>
<input type="submit" value="Login" runat="server" onserverclick="Login_Click" />
</form>
</body>
</html>
<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>
<script runat="server">
private void Login_Click(Object sender, EventArgs e)
{
// Create a custom FormsAuthenticationTicket containing
// application specific data for the user.
string username = UserNameTextBox.Text;
string password = UserPassTextBox.Text;
bool isPersistent = PersistCheckBox.Checked;
if (Membership.ValidateUser(username, password))
{
string userData = "ApplicationSpecific data for this user.";
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
username,
DateTime.Now,
DateTime.Now.AddMinutes(30),
isPersistent,
userData,
FormsAuthentication.FormsCookiePath);
// Encrypt the ticket.
string encTicket = FormsAuthentication.Encrypt(ticket);
// Create the cookie.
Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));
// Redirect back to original URL.
Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent));
}
else
{
Msg.Text = "Login failed. Please check your user name and password and try again.";
}
}
</script>
<html>
<head>
<title>Forms Authentication Login</title>
</head>
<body>
<form runat="server">
<span style="BACKGROUND: #80ff80">
<h3>Login Page</h3>
</span>
<asp:Label id="Msg" ForeColor="maroon" runat="server" /><P>
<table border=0>
<tbody>
<tr>
<td>Username:</td>
<td><asp:TextBox id="UserNameTextBox" type="text" runat="server" /></td>
<td>
<asp:RequiredFieldValidator id="RequiredFieldValidator1"
runat="server" ErrorMessage="*"
Display="Static"
ControlToValidate="UserNameTextBox" />
</td>
</tr>
<tr>
<td>Password:</td>
<td><asp:TextBox id="UserPassTextBox" TextMode="Password" runat="server" /></td>
<td>
<asp:RequiredFieldValidator id="RequiredFieldValidator2"
runat="server" ErrorMessage="*"
Display="Static"
ControlToValidate="UserPassTextBox" />
</td>
</tr>
<tr>
<td>Check here if this is <u>not</u><br>a public computer:</td>
<td><asp:CheckBox id="PersistCheckBox" runat="server" autopostback="true" /></td>
</tr>
</tbody>
</table>
<input type="submit" value="Login" runat="server" onserverclick="Login_Click" />
</form>
</body>
</html>
System.Object
System.Web.Security.FormsAuthenticationTicket
此类型的任何公共静态(Visual Basic 中的 Shared)成员都是线程安全的,但不保证所有实例成员都是线程安全的。
Windows 98、Windows 2000 SP4、Windows Server 2003、Windows XP Media Center Edition、Windows XP Professional x64 Edition、Windows XP SP2、Windows XP Starter Edition
.NET Framework 并不是对每个平台的所有版本都提供支持。有关受支持版本的列表,请参见系统要求。
.NET Framework
受以下版本支持:2.0、1.1、1.0