Export (0) Print
Expand All

FormsAuthenticationTicket Constructor (Int32, String, DateTime, DateTime, Boolean, String, String)

Initializes a new instance of the FormsAuthenticationTicket class with cookie name, version, directory path, issue date, expiration date, persistence, and user-defined data.

Namespace:  System.Web.Security
Assembly:  System.Web (in System.Web.dll)

public FormsAuthenticationTicket(
	int version,
	string name,
	DateTime issueDate,
	DateTime expiration,
	bool isPersistent,
	string userData,
	string cookiePath
)

Parameters

version
Type: System.Int32

The version number of the ticket.

name
Type: System.String

The user name associated with the ticket.

issueDate
Type: System.DateTime

The local date and time at which the ticket was issued.

expiration
Type: System.DateTime

The local date and time at which the ticket expires.

isPersistent
Type: System.Boolean

true if the ticket will be stored in a persistent cookie (saved across browser sessions); otherwise, false. If the ticket is stored in the URL, this value is ignored.

userData
Type: System.String

The user-specific data to be stored with the ticket.

cookiePath
Type: System.String

The path for the ticket when stored in a cookie.

NoteNote

The userData parameter cannot be null.

The following code example stores the result of the Encrypt method in a cookie using the FormsCookieName property and redirects the user to the URL returned from the GetRedirectUrl method.

Security noteSecurity Note

This example contains a text box that accepts user input, which is a potential security threat. By default, ASP.NET Web pages validate that user input does not include script or HTML elements. For more information, see Script Exploits Overview.

<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

  private void Login_Click(Object sender, EventArgs e)
  {
    // Create a custom FormsAuthenticationTicket containing
    // application specific data for the user.

    string username     = UserNameTextBox.Text;
    string password     = UserPassTextBox.Text;
    bool   isPersistent = false;

    if (Membership.ValidateUser(username, password))
    {
      string userData = "ApplicationSpecific data for this user.";

      FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
        username,
        DateTime.Now,
        DateTime.Now.AddMinutes(30),
        isPersistent,
        userData,
        FormsAuthentication.FormsCookiePath);

      // Encrypt the ticket.
      string encTicket = FormsAuthentication.Encrypt(ticket);

      // Create the cookie.
      Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));

      // Redirect back to original URL.
      Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent));
    }
    else
    {
      Msg.Text = "Login failed. Please check your user name and password and try again.";
    }
  }

</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
    <title>Forms Authentication Login</title>
</head>
<body>
    <form id="form1" runat="server">
        <span style="BACKGROUND: #80ff80; font-weight:bold"> 
            Login Page
        </span> 
        <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />
        <table border="0">
            <tbody>
                <tr>
                    <td>Username:</td>
                    <td><asp:TextBox id="UserNameTextBox" runat="server" /></td>
                    <td>
                      <asp:RequiredFieldValidator id="RequiredFieldValidator1" 
                                                  runat="server" ErrorMessage="*" 
                                                  Display="Static" 
                                                  ControlToValidate="UserNameTextBox" />
                    </td>
                </tr>
                <tr>
                    <td>Password:</td>
                    <td><asp:TextBox id="UserPassTextBox" TextMode="Password" runat="server" /></td>
                    <td>
                      <asp:RequiredFieldValidator id="RequiredFieldValidator2" 
                                                  runat="server" ErrorMessage="*" 
                                                  Display="Static" 
                                                  ControlToValidate="UserPassTextBox" />
                    </td>
                </tr>
            </tbody>
        </table>
        <input type="submit" value="Login" runat="server" onserverclick="Login_Click" />
    </form>
</body>
</html>

.NET Framework

Supported in: 4.6, 4.5, 4, 3.5, 3.0, 2.0, 1.1
Show:
© 2015 Microsoft