This documentation is archived and is not being maintained.

WebAuthenticationSuccessAuditEvent Class

Provides information about successful authentication events

Namespace:  System.Web.Management
Assembly:  System.Web (in System.Web.dll)

[AspNetHostingPermissionAttribute(SecurityAction.LinkDemand, Level = AspNetHostingPermissionLevel.Minimal)]
[AspNetHostingPermissionAttribute(SecurityAction.InheritanceDemand, Level = AspNetHostingPermissionLevel.Minimal)]
public class WebAuthenticationSuccessAuditEvent : WebSuccessAuditEvent

ASP.NET health monitoring allows production and operations staff to manage deployed Web applications. The System.Web.Management namespace contains the health-event types responsible for packaging application health-status data and the provider types responsible for processing this data. It also contains supporting types that help during the management of health events.

The following list describes the features for which ASP.NET raises events of type WebAuthenticationSuccessAuditEvent.


By default ASP.NET is configured to log audit failure conditions only, as logging success conditions can severely strain system resources. You can always configure the system to log the success conditions.

  • Forms Authentication. Successful conditions are audited. Success audits include the user name that was authenticated. Instead, failure audits do not include the user name, since they typically result from a ticket that failed decryption or validation. Both contain the client IP address. The related event audit code is AuditFormsAuthenticationSuccess.

  • Membership. Successful conditions are audited. Both success and failure audits contain the username that was attempted. Neither form of audit will contain the password that was attempted, because that would risk persisting a valid password in the log. The related event audit code is AuditMembershipAuthenticationSuccess.

When a WebAuthenticationSuccessAuditEvent is raised, by default it updates the Authentication Success Events Raised performance counter. To view this performance counter in System Monitor (PerfMon), in the Add Counters window select ASP.NET in the Performance object drop-down list, select the Authentication Success Events Raised performance counter, and click the Add button. For more information, see Using the System Monitor (PerfMon) with ASP.NET Applications on MSDN.


In most cases you will be able to use the ASP.NET health-monitoring types as implemented, and you will control the health-monitoring system by specifying values in the healthMonitoring configuration section. You can also derive from the health-monitoring types to create your own custom events and providers. For an example of deriving from the WebBaseEvent class, see the example provided in this topic.

This code example has two parts: a configuration-file excerpt, followed by code that shows how to customize the WebAuthenticationSuccessAuditEvent event.

This following is an excerpt of the configuration file's provider and eventMappings sections. They are already set by default. The only thing you need to do is to provide the setup for the rules element in the healthMonitoring section.


      // Configure the provider to process 
      // the health events.
      <add name="EventLogProvider"
       <clear />
       // Configure the custom event 
       // to handle the audit events. 
        <add name="SampleWebAuthenticationSuccessAuditEvent" 
          webauthsuccessaudit, Version=1.0.1735.23144, Culture=neutral, 
          PublicKeyToken=dd969eda3f3f6ae1, processorArchitecture=MSIL" />
       // Establish the connection between custom event 
       // and the provider that must process it.
      <add name="Log Authentication Success Audits" 
        profile="Custom" />\


The following code shows how to customize the WebAuthenticationSuccessAuditEvent event.

using System;
using System.Text;
using System.Web;
using System.Web.Management;

namespace SamplesAspNet
    // Implements a custom WebAuthenticationSuccessAuditEvent class.  
    public class SampleWebAuthenticationSuccessAuditEvent : 
        private string customCreatedMsg, customRaisedMsg;

        // Invoked in case of events identified only by their event code. 
        public SampleWebAuthenticationSuccessAuditEvent(
            string msg, object eventSource, 
            int eventCode, string userName):
        base(msg, eventSource, eventCode, userName)
            // Perform custom initialization.
            customCreatedMsg =
                string.Format("Event created at: {0}",

        // Invoked in case of events identified by their event code.and  
        // event detailed code. 
        public SampleWebAuthenticationSuccessAuditEvent(
            string msg, object eventSource,
            int eventCode, int detailedCode, string userName):
        base(msg, eventSource, eventCode, detailedCode, userName)
            // Perform custom initialization.
            customCreatedMsg =
            string.Format("Event created at: {0}",

        // Raises the SampleWebAuthenticationSuccessAuditEvent. 
        public override void Raise()
            // Perform custom processing.
            customRaisedMsg =
                string.Format("Event raised at: {0}", 

            // Raise the event.

        // Obtains the current thread information. 
        public WebRequestInformation GetRequestInformation()
            // No customization is allowed. 
            return RequestInformation;

        //Formats Web request event information. 
        //This method is invoked indirectly by the provider  
        //using one of the overloaded ToString methods. 
        public override void FormatCustomEventDetails(WebEventFormatter formatter)

            // Add custom data.

            formatter.IndentationLevel += 1;
                "* SampleWebAuthenticationSuccessAuditEvent Start *");
            formatter.AppendLine(string.Format("Request path: {0}",
            formatter.AppendLine(string.Format("Request Url: {0}",

            // Display custom event timing.

                "* SampleWebAuthenticationSuccessAuditEvent End *");

            formatter.IndentationLevel -= 1;



Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Windows 7, Windows Vista, Windows XP SP2, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP Starter Edition, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows Server 2000 SP4, Windows Millennium Edition, Windows 98

The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

.NET Framework

Supported in: 3.5, 3.0, 2.0