AuthenticationService.CreatingCookie AuthenticationService.CreatingCookie AuthenticationService.CreatingCookie AuthenticationService.CreatingCookie Event

Definition

Occurs when the authentication cookie is being set.

public:
 static event EventHandler<System::Web::ApplicationServices::CreatingCookieEventArgs ^> ^ CreatingCookie;
public static event EventHandler<System.Web.ApplicationServices.CreatingCookieEventArgs> CreatingCookie;
member this.CreatingCookie : EventHandler<System.Web.ApplicationServices.CreatingCookieEventArgs> 
Public Shared Custom Event CreatingCookie As EventHandler(Of CreatingCookieEventArgs) 

Examples

The following example shows how to bind an event handler to the CreatingCookie event in the Application_Start method of the Global.asax file.

void Application_Start(object sender, EventArgs e)
{
    System.Web.ApplicationServices.AuthenticationService.CreatingCookie 
        += new EventHandler<System.Web.ApplicationServices.CreatingCookieEventArgs>
        (AuthenticationService_CreatingCookie);
}
Sub Application_Start(ByVal sender As Object, ByVal e As EventArgs)
    AddHandler System.Web.ApplicationServices.AuthenticationService.CreatingCookie, _
        AddressOf Me.AuthenticationService_CreatingCookie
End Sub

The following example shows an event handler for the CreatingCookie event in the Global.asax file. The event handler customizes the authentication cookie by adding the value in the CustomCredential property to the UserData property. Store the CustomCredential property in a cookie only if you know that the data in the property is not sensitive. Malicious users can access the values in the cookie.

void AuthenticationService_CreatingCookie(object sender, 
    System.Web.ApplicationServices.CreatingCookieEventArgs e)
{
    FormsAuthenticationTicket ticket = new
          FormsAuthenticationTicket
            (1,
             e.UserName,
             DateTime.Now,
             DateTime.Now.AddMinutes(30),
             e.IsPersistent,
             e.CustomCredential,
             FormsAuthentication.FormsCookiePath);

    string encryptedTicket =
         FormsAuthentication.Encrypt(ticket);

    HttpCookie cookie = new HttpCookie
         (FormsAuthentication.FormsCookieName,
          encryptedTicket);
    cookie.Expires = DateTime.Now.AddMinutes(30);

    HttpContext.Current.Response.Cookies.Add(cookie);
    e.CookieIsSet = true;
}
Sub AuthenticationService_CreatingCookie(ByVal sender As Object, _
                 ByVal e As System.Web.ApplicationServices.CreatingCookieEventArgs)
    Dim ticket As FormsAuthenticationTicket = New _
       FormsAuthenticationTicket _
        (1, _
         e.Username, _
         DateTime.Now, _
         DateTime.Now.AddMinutes(30), _
         e.IsPersistent, _
         e.CustomCredential, _
         FormsAuthentication.FormsCookiePath)
        
    Dim encryptedTicket As String = FormsAuthentication.Encrypt(ticket)
    
    Dim cookie As HttpCookie = New _
        HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
    cookie.Expires = DateTime.Now.AddMinutes(30)
    
    HttpContext.Current.Response.Cookies.Add(cookie)
    e.CookieIsSet = True
End Sub

Remarks

The CreatingCookie event is raised when the authentication cookie is being set after user credentials have been validated. Create an event handler for the CreatingCookie event to customize the authentication cookie.

Applies to

See also