Edit

Share via


FormsAuthenticationTicket Constructors

Definition

Initializes a new instance of the FormsAuthenticationTicket class.

Overloads

FormsAuthenticationTicket(String, Boolean, Int32)

Initializes a new instance of the FormsAuthenticationTicket class using a cookie name and expiration information.

FormsAuthenticationTicket(Int32, String, DateTime, DateTime, Boolean, String)

Initializes a new instance of the FormsAuthenticationTicket class with cookie name, version, expiration date, issue date, persistence, and user-specific data. The cookie path is set to the default value established in the application's configuration file.

FormsAuthenticationTicket(Int32, String, DateTime, DateTime, Boolean, String, String)

Initializes a new instance of the FormsAuthenticationTicket class with cookie name, version, directory path, issue date, expiration date, persistence, and user-defined data.

FormsAuthenticationTicket(String, Boolean, Int32)

Initializes a new instance of the FormsAuthenticationTicket class using a cookie name and expiration information.

public:
 FormsAuthenticationTicket(System::String ^ name, bool isPersistent, int timeout);
public FormsAuthenticationTicket (string name, bool isPersistent, int timeout);
new System.Web.Security.FormsAuthenticationTicket : string * bool * int -> System.Web.Security.FormsAuthenticationTicket
Public Sub New (name As String, isPersistent As Boolean, timeout As Integer)

Parameters

name
String

The user name associated with the ticket.

isPersistent
Boolean

true if the ticket will be stored in a persistent cookie (saved across browser sessions); otherwise, false. If the ticket is stored in the URL, this value is ignored.

timeout
Int32

The time, in minutes, for which the authentication ticket is valid.

Remarks

The FormsAuthenticationTicket object created by this constructor will have a CookiePath value set to the value of the FormsCookiePath property, a Version value of 2, an IssueDate value of the current local date and time, a UserData value of an empty string (""), and an Expiration value that is set to the current local date and time plus the value of the timeout parameter.

See also

Applies to

FormsAuthenticationTicket(Int32, String, DateTime, DateTime, Boolean, String)

Initializes a new instance of the FormsAuthenticationTicket class with cookie name, version, expiration date, issue date, persistence, and user-specific data. The cookie path is set to the default value established in the application's configuration file.

public:
 FormsAuthenticationTicket(int version, System::String ^ name, DateTime issueDate, DateTime expiration, bool isPersistent, System::String ^ userData);
public FormsAuthenticationTicket (int version, string name, DateTime issueDate, DateTime expiration, bool isPersistent, string userData);
new System.Web.Security.FormsAuthenticationTicket : int * string * DateTime * DateTime * bool * string -> System.Web.Security.FormsAuthenticationTicket
Public Sub New (version As Integer, name As String, issueDate As DateTime, expiration As DateTime, isPersistent As Boolean, userData As String)

Parameters

version
Int32

The version number of the ticket.

name
String

The user name associated with the ticket.

issueDate
DateTime

The local date and time at which the ticket was issued.

expiration
DateTime

The local date and time at which the ticket expires.

isPersistent
Boolean

true if the ticket will be stored in a persistent cookie (saved across browser sessions); otherwise, false. If the ticket is stored in the URL, this value is ignored.

userData
String

The user-specific data to be stored with the ticket.

Remarks

The FormsAuthenticationTicket object created by this constructor will have a CookiePath value set to the value of the FormsCookiePath.

Note

The userData parameter cannot be null.

See also

Applies to

FormsAuthenticationTicket(Int32, String, DateTime, DateTime, Boolean, String, String)

Initializes a new instance of the FormsAuthenticationTicket class with cookie name, version, directory path, issue date, expiration date, persistence, and user-defined data.

public:
 FormsAuthenticationTicket(int version, System::String ^ name, DateTime issueDate, DateTime expiration, bool isPersistent, System::String ^ userData, System::String ^ cookiePath);
public FormsAuthenticationTicket (int version, string name, DateTime issueDate, DateTime expiration, bool isPersistent, string userData, string cookiePath);
new System.Web.Security.FormsAuthenticationTicket : int * string * DateTime * DateTime * bool * string * string -> System.Web.Security.FormsAuthenticationTicket
Public Sub New (version As Integer, name As String, issueDate As DateTime, expiration As DateTime, isPersistent As Boolean, userData As String, cookiePath As String)

Parameters

version
Int32

The version number of the ticket.

name
String

The user name associated with the ticket.

issueDate
DateTime

The local date and time at which the ticket was issued.

expiration
DateTime

The local date and time at which the ticket expires.

isPersistent
Boolean

true if the ticket will be stored in a persistent cookie (saved across browser sessions); otherwise, false. If the ticket is stored in the URL, this value is ignored.

userData
String

The user-specific data to be stored with the ticket.

cookiePath
String

The path for the ticket when stored in a cookie.

Examples

The following code example stores the result of the Encrypt method in a cookie using the FormsCookieName property and redirects the user to the URL returned from the GetRedirectUrl method.

Important

This example contains a text box that accepts user input, which is a potential security threat. By default, ASP.NET Web pages validate that user input does not include script or HTML elements. For more information, see Script Exploits Overview.

<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

  private void Login_Click(Object sender, EventArgs e)
  {
    // Create a custom FormsAuthenticationTicket containing
    // application specific data for the user.

    string username     = UserNameTextBox.Text;
    string password     = UserPassTextBox.Text;
    bool   isPersistent = false;

    if (Membership.ValidateUser(username, password))
    {
      string userData = "ApplicationSpecific data for this user.";

      FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
        username,
        DateTime.Now,
        DateTime.Now.AddMinutes(30),
        isPersistent,
        userData,
        FormsAuthentication.FormsCookiePath);

      // Encrypt the ticket.
      string encTicket = FormsAuthentication.Encrypt(ticket);

      // Create the cookie.
      Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));

      // Redirect back to original URL.
      Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent));
    }
    else
    {
      Msg.Text = "Login failed. Please check your user name and password and try again.";
    }
  }

</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
    <title>Forms Authentication Login</title>
</head>
<body>
    <form id="form1" runat="server">
        <span style="BACKGROUND: #80ff80; font-weight:bold"> 
            Login Page
        </span> 
        <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />
        <table border="0">
            <tbody>
                <tr>
                    <td>Username:</td>
                    <td><asp:TextBox id="UserNameTextBox" runat="server" /></td>
                    <td>
                      <asp:RequiredFieldValidator id="RequiredFieldValidator1" 
                                                  runat="server" ErrorMessage="*" 
                                                  Display="Static" 
                                                  ControlToValidate="UserNameTextBox" />
                    </td>
                </tr>
                <tr>
                    <td>Password:</td>
                    <td><asp:TextBox id="UserPassTextBox" TextMode="Password" runat="server" /></td>
                    <td>
                      <asp:RequiredFieldValidator id="RequiredFieldValidator2" 
                                                  runat="server" ErrorMessage="*" 
                                                  Display="Static" 
                                                  ControlToValidate="UserPassTextBox" />
                    </td>
                </tr>
            </tbody>
        </table>
        <input type="submit" value="Login" runat="server" onserverclick="Login_Click" />
    </form>
</body>
</html>
<%@ Page Language="VB" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

  Private Sub Login_Click(sender As Object, e As EventArgs)
  
    ' Create a custom FormsAuthenticationTicket containing
    ' application specific data for the user.

        Dim username As String = UserNameTextBox.Text
        Dim password As String = UserPassTextBox.Text
        Dim isPersistent As Boolean = False

    If Membership.ValidateUser(username, password) Then
    
      Dim userData As String = "ApplicationSpecific data for this user."

      Dim ticket As FormsAuthenticationTicket = New FormsAuthenticationTicket(1, _
        username, _
        DateTime.Now, _
        DateTime.Now.AddMinutes(30), _
        isPersistent, _
        userData, _
        FormsAuthentication.FormsCookiePath)

      ' Encrypt the ticket.
      Dim encTicket As String = FormsAuthentication.Encrypt(ticket)

      ' Create the cookie.
      Response.Cookies.Add(New HttpCookie(FormsAuthentication.FormsCookieName, encTicket))

      ' Redirect back to original URL.
      Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent))
    Else    
      Msg.Text = "Login failed. Please check your user name and password and try again."
    End If
  End Sub

</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
    <title>Forms Authentication Login</title>
</head>
<body>
    <form id="form1" runat="server">
        <span style="BACKGROUND:#80ff80; font-weight:bold"> 
          Login Page
        </span> 
        <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />
        <table border="0">
            <tbody>
                <tr>
                    <td>Username:</td>
                    <td><asp:TextBox id="UserNameTextBox" runat="server" /></td>
                    <td>
                      <asp:RequiredFieldValidator id="RequiredFieldValidator1" 
                                                  runat="server" ErrorMessage="*" 
                                                  Display="Static" 
                                                  ControlToValidate="UserNameTextBox" />
                    </td>
                </tr>
                <tr>
                    <td>Password:</td>
                    <td><asp:TextBox id="UserPassTextBox" TextMode="Password" runat="server" /></td>
                    <td>
                      <asp:RequiredFieldValidator id="RequiredFieldValidator2" 
                                                  runat="server" ErrorMessage="*" 
                                                  Display="Static" 
                                                  ControlToValidate="UserPassTextBox" />
                    </td>
                </tr>
            </tbody>
        </table>
        <input type="submit" value="Login" runat="server" onserverclick="Login_Click" />
    </form>
</body>
</html>

Remarks

Note

The userData parameter cannot be null.

See also

Applies to