FormsAuthenticationModule.Authenticate Event

 
System_CAPS_noteNote

The .NET API Reference documentation has a new home. Visit the .NET API Browser on docs.microsoft.com to see the new experience.

Occurs when the application authenticates the current request.

Namespace:   System.Web.Security
Assembly:  System.Web (in System.Web.dll)

public event FormsAuthenticationEventHandler Authenticate

The Authenticate event is raised during the AuthenticateRequest event.

You can handle the Authenticate event of the FormsAuthenticationModule class by specifying a subroutine named FormsAuthentication_OnAuthenticate in the Global.asax file for your ASP.NET application.

You can use the FormsAuthenticationEventArgsUser property supplied to the FormsAuthentication_OnAuthenticate event to set the User property of the current HttpContext to a custom IPrincipal object. If you do not specify a value for the User property during the FormsAuthentication_OnAuthenticate event, the identity supplied by the forms authentication ticket in the cookie or URL is used.

The FormsAuthentication_OnAuthenticate event is only raised when the authentication mode is set to Forms in the authentication Element (ASP.NET Settings Schema) element of the application's configuration file and the FormsAuthenticationModule is an active HTTP module for the application.

The following code example uses the FormsAuthentication_OnAuthenticate event to set the User property of the current HttpContext to a GenericPrincipal object that has a custom Identity.

public void FormsAuthentication_OnAuthenticate(object sender, FormsAuthenticationEventArgs args)
{
  if (FormsAuthentication.CookiesSupported)
  {
    if (Request.Cookies[FormsAuthentication.FormsCookieName] != null)
    {
      try
      {
        FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(
          Request.Cookies[FormsAuthentication.FormsCookieName].Value);

        args.User = new System.Security.Principal.GenericPrincipal(
          new Samples.AspNet.Security.MyFormsIdentity(ticket),
          new string[0]);
      }
      catch (Exception e)
      {
        // Decrypt method failed.
      }
    }
  }
  else
  {
    throw new HttpException("Cookieless Forms Authentication is not " +
                            "supported for this application.");
  }
}

.NET Framework
Available since 1.1
Return to top
Show: