FormsAuthenticationTicket Class
Assembly: System.Web (in system.web.dll)
The FormsAuthenticationTicket class is used to create an object that represents the authentication ticket that is used by forms authentication to identify an authenticated user. The properties and values of a forms-authentication ticket are converted to and from an encrypted string that is stored in a cookie or in the URL.
The FormsAuthentication class provides an Encrypt method to create a string value that can be stored in a cookie or in the URL from a FormsAuthenticationTicket. The FormsAuthentication class also provides a Decrypt method to create a FormsAuthenticationTicket object from the encrypted authentication ticket retrieved from the forms-authentication cookie or the URL.
The FormsAuthenticationTicket for the current authenticated user can be accessed using the Ticket property of the FormsIdentity class. You can access the current FormsIdentity object by casting the Identity property of the current User as type FormsIdentity.
The following code example stores the result of the Encrypt method in a cookie using the FormsCookieName and redirects the user to the URL returned from the GetRedirectUrl method.
Security Note: |
|---|
|
This example contains a text box that accepts user input, which is a potential security threat. By default, ASP.NET Web pages validate that user input does not include script or HTML elements. For more information, see Script Exploits Overview (Visual Studio). |
Security Note: