FormsAuthenticationModule Class
Assembly: System.Web (in system.web.dll)
The FormsAuthenticationModule sets the current System.Web.HttpContext.User property to an IPrincipal object that represents the user identity for the current request when the authentication Mode is set to Forms in the authentication Element (ASP.NET Settings Schema) element of the application's configuration file.
The FormsAuthenticationModule exposes an Authenticate event that enables you to provide a custom IPrincipal object for the User property of the current HttpContext. The Authenticate event is accessed by specifying a subroutine named FormsAuthentication_OnAuthenticate in the Global.asax file for your ASP.NET application.
The following example uses the FormsAuthentication_OnAuthenticate event to set the User property of the current HttpContext to a custom IPrincipal object.
Public Sub FormsAuthentication_OnAuthenticate(sender As Object, _ args As FormsAuthenticationEventArgs) If FormsAuthentication.CookiesSupported Then If Not Request.Cookies(FormsAuthentication.FormsCookieName) Is Nothing Then Try Dim ticket As FormsAuthenticationTicket = FormsAuthentication.Decrypt( _ Request.Cookies(FormsAuthentication.FormsCookieName).Value) args.User = New System.Security.Principal.GenericPrincipal( _ New Samples.AspNet.Security.MyFormsIdentity(ticket), _ New String(0) {}) Catch e As HttpException ' Decrypt method failed. End Try End If Else Throw New Exception("Cookieless Forms Authentication is not " & _ "supported for this application.") End If End Sub
- AspNetHostingPermission for using the FormsAuthenticationModule class in a hosted environment. Demand value: LinkDemand. Permission value: Minimal.