System.Web.Security Namespace FormsAuthenticationModule Class
Occurs when the application authenticates the current request.
[ VB ]
Public Event Authenticate As FormsAuthenticationEventHandler
[ C# ]
public event FormsAuthenticationEventHandler Authenticate;
[ C++ ]
public: __event FormsAuthenticationEventHandler* Authenticate;
In [ JScript ], you can handle the events defined by a class, but you cannot define your own.
The Authenticate event is raised during the AuthenticateRequest event and is used to ensure that the User property of the current HttpContext is populated with an IPrincipal object.
You can handle the Authenticate event of the FormsAuthenticationModule class by specifying a subroutine named FormsAuthentication_OnAuthenticate in the Global.asax file for your ASP.NET application.
You can use the User property of the FormsAuthenticationEventArgs object supplied to the FormsAuthentication_OnAuthenticate event to set the User property of the current HttpContext to a custom IPrincipal object.
If you do not specify a value for the User property of the HttpContext supplied during the FormsAuthentication_OnAuthenticate event, the FormsAuthenticationModule uses the identity supplied by the forms authentication ticket in the cookie or URL.
The FormsAuthentication_OnAuthenticate event is only raised when the authentication Mode is set to Forms in the authorization element of the application's configuration file and the FormsAuthenticationModule is an active HTTP module for the application.
Information related to the Authenticate event is passed via a FormsAuthenticationEventArgs object to the method assigned to handle the event. The following FormsAuthenticationEventArgs properties provide information specific to this event.
| Property |
Description |
| Context |
Gets the HttpContext object for the current HTTP request. |
| User |
Gets or sets the IPrincipal object to be associated with the current request. |
The following code example uses the FormsAuthentication_OnAuthenticate event to set the User property of the current HttpContext to a GenericPrincipal object with a custom Identity.
public void FormsAuthentication_OnAuthenticate ( object src, FormsAuthenticationEventArgs args ) {
if ( FormsAuthentication.CookiesSupported ) {
if ( Request.Cookies[FormsAuthentication.FormsCookieName] != null ) {
try {
FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt (
Request.Cookies [ FormsAuthentication.FormsCookieName ].Value );
args.User = new System.Security.Principal.GenericPrincipal (
new Samples.AspNet.Security.MyFormsIdentity ( ticket ), new string [ 0 ] );
}
catch ( Exception e ) {
// Decrypt method failed.
}
}
} else {
throw new HttpException ( "Cookieless Forms Authentication is not " +
"supported for this application." );
}
}
Public Sub FormsAuthentication_OnAuthenticate ( src As Object, args As FormsAuthenticationEventArgs )
If FormsAuthentication.CookiesSupported Then
If Not Request.Cookies ( FormsAuthentication.FormsCookieName ) Is Nothing Then
Try
Dim ticket As FormsAuthenticationTicket = FormsAuthentication.Decrypt ( _
Request.Cookies ( FormsAuthentication.FormsCookieName ) .Value )
args.User = New System.Security.Principal.GenericPrincipal ( _
New Samples.AspNet.Security.MyFormsIdentity ( ticket ), New String ( 0 ) { } )
Catch e As HttpException
' Decrypt method failed.
End Try
End If
Else
Throw New Exception ( "Cookieless Forms Authentication is not " & _
"supported for this application." )
End If
End Sub |
| |
C# |
VB |
FormsAuthenticationModule Members
