FormsAuthenticationTicket Constructor (Int32, String, DateTime, DateTime, Boolean, String, String)
Initializes a new instance of the FormsAuthenticationTicket class with cookie name, version, directory path, issue date, expiration date, persistence, and user-defined data.
Assembly: System.Web (in System.Web.dll)
Public Sub New ( version As Integer, name As String, issueDate As Date, expiration As Date, isPersistent As Boolean, userData As String, cookiePath As String )
Parameters
- version
-
Type:
System.Int32
The version number of the ticket.
- name
-
Type:
System.String
The user name associated with the ticket.
- issueDate
-
Type:
System.DateTime
The local date and time at which the ticket was issued.
- expiration
-
Type:
System.DateTime
The local date and time at which the ticket expires.
- isPersistent
-
Type:
System.Boolean
true if the ticket will be stored in a persistent cookie (saved across browser sessions); otherwise, false. If the ticket is stored in the URL, this value is ignored.
- userData
-
Type:
System.String
The user-specific data to be stored with the ticket.
- cookiePath
-
Type:
System.String
The path for the ticket when stored in a cookie.
Note |
|---|
The userData parameter cannot be null. |
The following code example stores the result of the Encrypt method in a cookie using the FormsCookieName property and redirects the user to the URL returned from the GetRedirectUrl method.
Security Note
|
|---|
This example contains a text box that accepts user input, which is a potential security threat. By default, ASP.NET Web pages validate that user input does not include script or HTML elements. For more information, see Script Exploits Overview. |
<%@ Page Language="VB" %> <%@ Import Namespace="System.Web.Security" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <script runat="server"> Private Sub Login_Click(sender As Object, e As EventArgs) ' Create a custom FormsAuthenticationTicket containing ' application specific data for the user. Dim username As String = UserNameTextBox.Text Dim password As String = UserPassTextBox.Text Dim isPersistent As Boolean = False If Membership.ValidateUser(username, password) Then Dim userData As String = "ApplicationSpecific data for this user." Dim ticket As FormsAuthenticationTicket = New FormsAuthenticationTicket(1, _ username, _ DateTime.Now, _ DateTime.Now.AddMinutes(30), _ isPersistent, _ userData, _ FormsAuthentication.FormsCookiePath) ' Encrypt the ticket. Dim encTicket As String = FormsAuthentication.Encrypt(ticket) ' Create the cookie. Response.Cookies.Add(New HttpCookie(FormsAuthentication.FormsCookieName, encTicket)) ' Redirect back to original URL. Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent)) Else Msg.Text = "Login failed. Please check your user name and password and try again." End If End Sub </script> <html xmlns="http://www.w3.org/1999/xhtml" > <head> <title>Forms Authentication Login</title> </head> <body> <form id="form1" runat="server"> <span style="BACKGROUND:#80ff80; font-weight:bold"> Login Page </span> <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br /> <table border="0"> <tbody> <tr> <td>Username:</td> <td><asp:TextBox id="UserNameTextBox" runat="server" /></td> <td> <asp:RequiredFieldValidator id="RequiredFieldValidator1" runat="server" ErrorMessage="*" Display="Static" ControlToValidate="UserNameTextBox" /> </td> </tr> <tr> <td>Password:</td> <td><asp:TextBox id="UserPassTextBox" TextMode="Password" runat="server" /></td> <td> <asp:RequiredFieldValidator id="RequiredFieldValidator2" runat="server" ErrorMessage="*" Display="Static" ControlToValidate="UserPassTextBox" /> </td> </tr> </tbody> </table> <input type="submit" value="Login" runat="server" onserverclick="Login_Click" /> </form> </body> </html>
Available since 1.1
.jpeg?cs-save-lang=1&cs-lang=vb)
.jpeg?cs-save-lang=1&cs-lang=vb)