User Property
Collapse the table of content
Expand the table of content

FormsAuthenticationEventArgs.User Property

 

Gets or sets the IPrincipal object to be associated with the current request.

Namespace:   System.Web.Security
Assembly:  System.Web (in System.Web.dll)

public IPrincipal User {
	get;
	[SecurityPermissionAttribute(SecurityAction.Demand, ControlPrincipal = true)]
	set;
}

Property Value

Type: System.Security.Principal.IPrincipal

The IPrincipal object to be associated with the current request.

You can use the User property to set the User property of the current HttpContext to a custom IPrincipal object.

If you do not specify a value for the User property during the FormsAuthentication_OnAuthenticate event, the identity supplied by the forms authentication ticket in the cookie or URL is used.

The following example uses the FormsAuthentication_OnAuthenticate event to set the User property of the current HttpContext to a GenericPrincipal object with a custom Identity.

public void FormsAuthentication_OnAuthenticate(object sender, FormsAuthenticationEventArgs args)
{
  if (FormsAuthentication.CookiesSupported)
  {
    if (Request.Cookies[FormsAuthentication.FormsCookieName] != null)
    {
      try
      {
        FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(
          Request.Cookies[FormsAuthentication.FormsCookieName].Value);

        args.User = new System.Security.Principal.GenericPrincipal(
          new Samples.AspNet.Security.MyFormsIdentity(ticket),
          new string[0]);
      }
      catch (Exception e)
      {
        // Decrypt method failed.
      }
    }
  }
  else
  {
    throw new HttpException("Cookieless Forms Authentication is not " +
                            "supported for this application.");
  }
}

.NET Framework
Available since 1.1
Return to top
Show:
© 2016 Microsoft