Re: Using forms authentication for the first time

From: Hernan de Lahitte (hernan_at_lagash.com)
Date: 08/03/04 

Date: Mon, 2 Aug 2004 20:52:28 -0300

Agreed with Raterus.
Something like:

FormsAuthentication.SetAuthCookie( UserId.Text, false );
Response.Redirect( "yourPage.aspx" );

should be ok. 

-- 
Hernan de Lahitte
Lagash Systems S.A.
http://weblogs.asp.net/hernandl
This posting is provided "AS IS" with no warranties, and confers no rights.
"Hernan de Lahitte" <hernan@lagash.com> wrote in message
news:OSqRurNeEHA.384@TK2MSFTNGP10.phx.gbl...
> You should create the ticket by your self. Here is a sample code:
>
> Place this code instead of "FormsAuthentication.RedirectFromLoginPage(
> UserId.Text, false )"
>
> HttpCookie cookie = FormsAuthentication.GetAuthCookie( UserId.Text,
false );
> FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(
> cookie.Value );
> // Store roles inside the Forms cookie.
> FormsAuthenticationTicket newticket = new FormsAuthenticationTicket(
> ticket.Version,
>
> ticket.Name,
>
> ticket.IssueDate,
>
> ticket.Expiration,
>
> ticket.IsPersistent,
>
> userData,
>
> ticket.CookiePath );
> cookie.Value = FormsAuthentication.Encrypt(newticket);
> Response.Cookies.Set(cookie);
> Response.Redirect( FormsAuthentication.GetRedirectUrl( newticket.Name,
> newticket.IsPersistent ) );
>
> In case you don't have any userData (some string data up to 1200 bytes
> aprox) to store inside the ticket, you might use this
> FormsAuthenticationTicket overload:
>
> FormsAuthenticationTicket newticket2 = new FormsAuthenticationTicket(
> ticket.Name, ticket.IsPersistent, ticket.Expiration.Subtract(
> ticket.IssueDate ).Minutes );
>
>
> Hope this help.
>
> -- 
> Hernan de Lahitte
> Lagash Systems S.A.
> http://weblogs.asp.net/hernandl
>
>
> This posting is provided "AS IS" with no warranties, and confers no
rights.
>
> "William Gower" <w_gower@hotmail.com> wrote in message
> news:%233We1zLeEHA.3664@TK2MSFTNGP12.phx.gbl...
> > I have set up my web config file to use Forms Authentication.  In my
login
> > page after I validate my user, I want to store the id but I don't want
to
> > call the RedirectFromLoginPage.  I want to redirect the page myself.
How
> do
> > I store the id without calling RedirectFromLoginPage?
> >
> >
>
>

Relevant Pages

  • Re: DPAPI User Store Does Not Work as advertised
    ... Hernan, can you please elaborate some more on the X509 Certificate approach ... "Hernan de Lahitte" wrote: ... > 3) Store this key on a central store ... I have created a domain account that my win services ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Failed to start monitoring changes
    ... Connection Firewall or any other firewall turned on? ... Hernan de Lahitte - MSDE ... > I connect to a remote SQL Server using SQL authentication, ...
    (microsoft.public.dotnet.security)
  • Re: Product Key dilemma
    ... This posting is provided "AS IS" with no warranties, ... > "Hernan de Lahitte" wrote in message ... >>> product key should be an encrypted string representing some information. ...
    (microsoft.public.dotnet.security)
  • Re: MD5 implementation
    ... > How do I get a string in the .NET version that I can compare to the PHP ... > "Hernan de Lahitte" wrote in message ... >> Lagash Systems S.A. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: cleanup of data from memory
    ... "Hernan de Lahitte" wrote in message ... > This posting is provided "AS IS" with no warranties, and confers no rights. ... >> After we encrypt the data we release the BYTEor memory stream or> something else without doing anytihng to the memory conatined by them. ...
    (microsoft.public.dotnet.security)
Quantcast