Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All

FormsAuthentication.RequireSSL Property

Gets a value indicating whether the forms-authentication cookie requires SSL in order to be returned to the server.

Namespace:  System.Web.Security
Assembly:  System.Web (in System.Web.dll)

'Declaration
Public Shared ReadOnly Property RequireSSL As Boolean

Property Value

Type: System.Boolean
true if SSL is required to return the forms-authentication cookie to the server; otherwise, false. The default is false.

The RequireSSL property value is set in the configuration file for an ASP.NET application by using the requireSSL attribute of the forms configuration element. You can specify in the Web.config file for your ASP.NET application whether SSL (Secure Sockets Layer) is required to return the forms-authentication cookie to the server by setting the requireSSL attribute . For more information, see Secure.

It is recommended that if you configure requireSSL as false, you also configure slidingExpiration as false, to reduce the amount of time for which a ticket is valid.

The following code example sets the requireSSL attribute in the Web.config file.

<authentication mode="Forms">
  <forms loginUrl="member_login.aspx"
    cookieless="UseCookies"
    requireSSL="true"
    path="/MyApplication" />
</authentication>

.NET Framework

Supported in: 4, 3.5, 3.0, 2.0, 1.1

Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Community Additions

ADD
Show:
© 2015 Microsoft