This documentation is archived and is not being maintained.

ClientFormsIdentity Class

Represents a user identity authenticated for client application services by using forms authentication.

Namespace:  System.Web.ClientServices
Assembly:  System.Web.Extensions (in System.Web.Extensions.dll)

public class ClientFormsIdentity : IIdentity, 

The client application services feature uses this class to represent an authenticated user. When you configure your application to use client application services and forms authentication, you can authenticate a user by calling the static Membership.ValidateUser method. After authentication, you can retrieve a reference to the current ClientFormsIdentity instance through the Identity property of the IPrincipal retrieved through the static Thread.CurrentPrincipal property. For more information, see Client Application Services.

You will typically access a ClientFormsIdentity object as an IIdentity reference to avoid a direct dependency on this class. You can determine whether a user is authenticated by checking the IIdentity.IsAuthenticated property of the identity. However, the user may be authenticated for Windows, but not for client application services. To determine whether the user is authenticated for client application services, you should also confirm that the IIdentity.AuthenticationType property value is "ClientForms".

You must use an explicit ClientFormsIdentity reference to call the RevalidateUser method, which is not defined by the IIdentity interface.

The following example code demonstrates how to use this class to silently revalidate a user when the application leaves the offline state. In this example, a CheckedChanged event handler updates the offline status to match the check box value. If the user sets the application to the online state, the event handler attempts to revalidate the user by calling the RevalidateUser method. However, if the authentication server is unavailable, the event handler returns the application to the offline state.


The RevalidateUser method is for convenience only. Because it does not have a return value, it cannot indicate whether revalidation has failed. Revalidation can fail, for example, if the user credentials have changed on the server. In this case, you might want to include code that explicitly validates users after a service call fails. For more information, see the Accessing Web Settings section in Walkthrough: Using Client Application Services.

private void workOfflineCheckBox_CheckedChanged(
    object sender, EventArgs e)
    ConnectivityStatus.IsOffline = workOfflineCheckBox.Checked;
    if (!ConnectivityStatus.IsOffline)
            // Silently re-validate the user.

            // If any settings have been changed locally, save the new 
            // new values to the Web settings service.

            // If any settings have not been changed locally, check  
            // the Web settings service for updates. 
        catch (System.Net.WebException)
                "Unable to access the authentication service. " +
                Environment.NewLine + "Staying in offline mode.",
                "Warning", MessageBoxButtons.OK, 
            workOfflineCheckBox.Checked = true;


Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Windows 7, Windows Vista, Windows XP SP2, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003

The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

.NET Framework

Supported in: 3.5