This documentation is archived and is not being maintained.

AuthenticationService Class

Enables access to ASP.NET forms authentication as a Web service.


Namespace:  System.Web.ApplicationServices
Assembly:  System.Web.Extensions (in System.Web.Extensions.dll)

[ServiceBehaviorAttribute(Namespace = "", 
	InstanceContextMode = InstanceContextMode.Single, ConcurrencyMode = ConcurrencyMode.Multiple)]
[AspNetCompatibilityRequirementsAttribute(RequirementsMode = AspNetCompatibilityRequirementsMode.Required)]
[ServiceContractAttribute(Namespace = "")]
public class AuthenticationService

The AuthenticationService type exposes the following members.

Public methodEquals(Object)Determines whether the specified Object is equal to the current Object. (Inherited from Object.)
Protected methodFinalizeAllows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.)
Public methodGetHashCodeServes as a hash function for a particular type. (Inherited from Object.)
Public methodGetTypeGets the Type of the current instance. (Inherited from Object.)
Public methodIsLoggedInDetermines whether the current user is authenticated.
Public methodLoginChecks user credentials and creates an authentication ticket (cookie) if the credentials are valid.
Public methodLogoutClears the authentication ticket (cookie) in the browser.
Protected methodMemberwiseCloneCreates a shallow copy of the current Object. (Inherited from Object.)
Public methodToStringReturns a string that represents the current object. (Inherited from Object.)
Public methodValidateUserAuthenticates user credentials without issuing an authentication ticket.

Public eventStatic memberAuthenticatingOccurs when user credentials are being validated.
Public eventStatic memberCreatingCookieOccurs when the authentication cookie is being set.

The AuthenticationService object enables you to authenticate users through a Windows Communication Foundation (WCF) service. You use the WCF authentication service when you must authenticate users through ASP.NET membership from an application that is outside the Web application that stores the user credentials. The application must be able to send and consume message in the SOAP format. Through the AuthenticationService class, you can log users in, log users out, validate credentials, check authentication status, customize authentication, and set the authentication cookie.

The AuthenticationService class contains four methods that you should access only through a WCF service: the IsLoggedIn, Login, Logout, and ValidateUser methods. To call these methods, you enable the authentication service on a Web server and then connect a WCF-compatible client application to the Web service. For information about how to configure the authentication service, see How to: Enable the WCF Authentication Service.

To log users on, you pass the user credentials to the Login method. If the credentials are valid, the AuthenticationService class creates an authentication cookie. If the authentication cookie has not expired, you know that the user's credentials have been authenticated and you do not have to validate the credentials again. (Cookie-less authentication is not available through the AuthenticationService class.)

The AuthenticationService can raise two events: Authenticating and CreatingCookie. The Authenticating event occurs when the user credentials are being validated. Create an event handler for the Authenticating event to customize how user credentials are validated. The CreatingCookie event occurs when the authentication cookie is being set after user credentials have been validated. Create an event handler for the CreatingCookie event to customize the authentication cookie.

The ValidateUser method checks user credentials for authentication, but it does not return an authentication ticket. Use ValidateUser when a user has previously logged in and you must check that the credentials are still valid at the start of a new application session.

For an example of using the WCF authentication service from a console application, see Walkthrough: Using ASP.NET Application Services.

.NET Framework

Supported in: 4, 3.5

Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.