This documentation is archived and is not being maintained.

FormsAuthenticationTicket Constructor (Int32, String, DateTime, DateTime, Boolean, String, String)

Initializes a new instance of the FormsAuthenticationTicket class with cookie name, version, directory path, issue date, expiration date, persistence, and user-defined data.

Namespace:  System.Web.Security
Assembly:  System.Web (in System.Web.dll)

'Declaration
Public Sub New ( _
	version As Integer, _
	name As String, _
	issueDate As DateTime, _
	expiration As DateTime, _
	isPersistent As Boolean, _
	userData As String, _
	cookiePath As String _
)

Parameters

version
Type: System.Int32
The version number of the ticket.
name
Type: System.String
The user name associated with the ticket.
issueDate
Type: System.DateTime
The local date and time at which the ticket was issued.
expiration
Type: System.DateTime
The local date and time at which the ticket expires.
isPersistent
Type: System.Boolean
true if the ticket will be stored in a persistent cookie (saved across browser sessions); otherwise, false. If the ticket is stored in the URL, this value is ignored.
userData
Type: System.String
The user-specific data to be stored with the ticket.
cookiePath
Type: System.String
The path for the ticket when stored in a cookie.

NoteNote

The userData parameter cannot be Nothing.

The following code example stores the result of the Encrypt method in a cookie using the FormsCookieName property and redirects the user to the URL returned from the GetRedirectUrl method.

Security noteSecurity Note

This example contains a text box that accepts user input, which is a potential security threat. By default, ASP.NET Web pages validate that user input does not include script or HTML elements. For more information, see Script Exploits Overview.


<%@ Page Language="VB" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

  Private Sub Login_Click(sender As Object, e As EventArgs)

    ' Create a custom FormsAuthenticationTicket containing
    ' application specific data for the user.

        Dim username As String = UserNameTextBox.Text
        Dim password As String = UserPassTextBox.Text
        Dim isPersistent As Boolean = False

    If Membership.ValidateUser(username, password) Then

      Dim userData As String = "ApplicationSpecific data for this user."

      Dim ticket As FormsAuthenticationTicket = New FormsAuthenticationTicket(1, _
        username, _
        DateTime.Now, _
        DateTime.Now.AddMinutes(30), _
        isPersistent, _
        userData, _
        FormsAuthentication.FormsCookiePath)

      ' Encrypt the ticket.
      Dim encTicket As String = FormsAuthentication.Encrypt(ticket)

      ' Create the cookie.
      Response.Cookies.Add(New HttpCookie(FormsAuthentication.FormsCookieName, encTicket))

      ' Redirect back to original URL.
      Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent))
    Else    
      Msg.Text = "Login failed. Please check your user name and password and try again."
    End If
  End Sub

</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
    <title>Forms Authentication Login</title>
</head>
<body>
    <form id="form1" runat="server">
        <span style="BACKGROUND:#80ff80; font-weight:bold"> 
          Login Page
        </span> 
        <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />
        <table border="0">
            <tbody>
                <tr>
                    <td>Username:</td>
                    <td><asp:TextBox id="UserNameTextBox" runat="server" /></td>
                    <td>
                      <asp:RequiredFieldValidator id="RequiredFieldValidator1" 
                                                  runat="server" ErrorMessage="*" 
                                                  Display="Static" 
                                                  ControlToValidate="UserNameTextBox" />
                    </td>
                </tr>
                <tr>
                    <td>Password:</td>
                    <td><asp:TextBox id="UserPassTextBox" TextMode="Password" runat="server" /></td>
                    <td>
                      <asp:RequiredFieldValidator id="RequiredFieldValidator2" 
                                                  runat="server" ErrorMessage="*" 
                                                  Display="Static" 
                                                  ControlToValidate="UserPassTextBox" />
                    </td>
                </tr>
            </tbody>
        </table>
        <input type="submit" value="Login" runat="server" onserverclick="Login_Click" />
    </form>
</body>
</html>


.NET Framework

Supported in: 4, 3.5, 3.0, 2.0, 1.1, 1.0

Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.
Show: