This documentation is archived and is not being maintained.

FormsAuthenticationModule.Authenticate Event

Occurs when the application authenticates the current request.

Namespace:  System.Web.Security
Assembly:  System.Web (in System.Web.dll)

'Declaration
Public Event Authenticate As FormsAuthenticationEventHandler

The Authenticate event is raised during the AuthenticateRequest event.

You can handle the Authenticate event of the FormsAuthenticationModule class by specifying a subroutine named FormsAuthentication_OnAuthenticate in the Global.asax file for your ASP.NET application.

You can use the FormsAuthenticationEventArgs User property supplied to the FormsAuthentication_OnAuthenticate event to set the User property of the current HttpContext to a custom IPrincipal object. If you do not specify a value for the User property during the FormsAuthentication_OnAuthenticate event, the identity supplied by the forms authentication ticket in the cookie or URL is used.

The FormsAuthentication_OnAuthenticate event is only raised when the authentication mode is set to Forms in the authentication Element (ASP.NET Settings Schema) element of the application's configuration file and the FormsAuthenticationModule is an active HTTP module for the application.

The following code example uses the FormsAuthentication_OnAuthenticate event to set the User property of the current HttpContext to a GenericPrincipal object that has a custom Identity.


Public Sub FormsAuthentication_OnAuthenticate(sender As Object, _
                                              args As FormsAuthenticationEventArgs)
  If FormsAuthentication.CookiesSupported Then
    If Not Request.Cookies(FormsAuthentication.FormsCookieName) Is Nothing Then
      Try
        Dim ticket As FormsAuthenticationTicket = FormsAuthentication.Decrypt( _
          Request.Cookies(FormsAuthentication.FormsCookieName).Value)

        args.User = New System.Security.Principal.GenericPrincipal( _
          New Samples.AspNet.Security.MyFormsIdentity(ticket), _
          New String(0) {})
      Catch e As HttpException
        ' Decrypt method failed.
      End Try
    End If
  Else
      Throw New Exception("Cookieless Forms Authentication is not " & _
                            "supported for this application.")
  End If
End Sub


.NET Framework

Supported in: 4, 3.5, 3.0, 2.0, 1.1, 1.0

Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.
Show: