AuthenticationService.CreatingCookie Event
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Occurs when the authentication cookie is being set.
public:
static event EventHandler<System::Web::ApplicationServices::CreatingCookieEventArgs ^> ^ CreatingCookie;public static event EventHandler<System.Web.ApplicationServices.CreatingCookieEventArgs> CreatingCookie;member this.CreatingCookie : EventHandler<System.Web.ApplicationServices.CreatingCookieEventArgs> Public Shared Custom Event CreatingCookie As EventHandler(Of CreatingCookieEventArgs) Event Type
Examples
The following example shows how to bind an event handler to the CreatingCookie event in the Application_Start method of the Global.asax file.
void Application_Start(object sender, EventArgs e)
{
System.Web.ApplicationServices.AuthenticationService.CreatingCookie
+= new EventHandler<System.Web.ApplicationServices.CreatingCookieEventArgs>
(AuthenticationService_CreatingCookie);
}
Sub Application_Start(ByVal sender As Object, ByVal e As EventArgs)
AddHandler System.Web.ApplicationServices.AuthenticationService.CreatingCookie, _
AddressOf Me.AuthenticationService_CreatingCookie
End Sub
The following example shows an event handler for the CreatingCookie event in the Global.asax file. The event handler customizes the authentication cookie by adding the value in the CustomCredential property to the UserData property. Store the CustomCredential property in a cookie only if you know that the data in the property is not sensitive. Malicious users can access the values in the cookie.
void AuthenticationService_CreatingCookie(object sender,
System.Web.ApplicationServices.CreatingCookieEventArgs e)
{
FormsAuthenticationTicket ticket = new
FormsAuthenticationTicket
(1,
e.UserName,
DateTime.Now,
DateTime.Now.AddMinutes(30),
e.IsPersistent,
e.CustomCredential,
FormsAuthentication.FormsCookiePath);
string encryptedTicket =
FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie
(FormsAuthentication.FormsCookieName,
encryptedTicket);
cookie.Expires = DateTime.Now.AddMinutes(30);
HttpContext.Current.Response.Cookies.Add(cookie);
e.CookieIsSet = true;
}
Sub AuthenticationService_CreatingCookie(ByVal sender As Object, _
ByVal e As System.Web.ApplicationServices.CreatingCookieEventArgs)
Dim ticket As FormsAuthenticationTicket = New _
FormsAuthenticationTicket _
(1, _
e.Username, _
DateTime.Now, _
DateTime.Now.AddMinutes(30), _
e.IsPersistent, _
e.CustomCredential, _
FormsAuthentication.FormsCookiePath)
Dim encryptedTicket As String = FormsAuthentication.Encrypt(ticket)
Dim cookie As HttpCookie = New _
HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
cookie.Expires = DateTime.Now.AddMinutes(30)
HttpContext.Current.Response.Cookies.Add(cookie)
e.CookieIsSet = True
End Sub
Remarks
The CreatingCookie event is raised when the authentication cookie is being set after user credentials have been validated. Create an event handler for the CreatingCookie event to customize the authentication cookie.
Applies to
See also
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for