FormsAuthenticationTicket Constructors
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Initializes a new instance of the FormsAuthenticationTicket class.
Overloads
| FormsAuthenticationTicket(String, Boolean, Int32) |
Initializes a new instance of the FormsAuthenticationTicket class using a cookie name and expiration information. |
| FormsAuthenticationTicket(Int32, String, DateTime, DateTime, Boolean, String) |
Initializes a new instance of the FormsAuthenticationTicket class with cookie name, version, expiration date, issue date, persistence, and user-specific data. The cookie path is set to the default value established in the application's configuration file. |
| FormsAuthenticationTicket(Int32, String, DateTime, DateTime, Boolean, String, String) |
Initializes a new instance of the FormsAuthenticationTicket class with cookie name, version, directory path, issue date, expiration date, persistence, and user-defined data. |
Initializes a new instance of the FormsAuthenticationTicket class using a cookie name and expiration information.
public:
FormsAuthenticationTicket(System::String ^ name, bool isPersistent, int timeout);public FormsAuthenticationTicket(string name, bool isPersistent, int timeout);new System.Web.Security.FormsAuthenticationTicket : string * bool * int -> System.Web.Security.FormsAuthenticationTicketPublic Sub New (name As String, isPersistent As Boolean, timeout As Integer)Parameters
- name
- String
The user name associated with the ticket.
- isPersistent
- Boolean
true if the ticket will be stored in a persistent cookie (saved across browser sessions); otherwise, false. If the ticket is stored in the URL, this value is ignored.
- timeout
- Int32
The time, in minutes, for which the authentication ticket is valid.
Remarks
The FormsAuthenticationTicket object created by this constructor will have a CookiePath value set to the value of the FormsCookiePath property, a Version value of 2, an IssueDate value of the current local date and time, a UserData value of an empty string (""), and an Expiration value that is set to the current local date and time plus the value of the timeout parameter.
See also
Applies to
.NET Framework 4.8.1 and other versions
| Product | Versions |
|---|---|
| .NET Framework | 1.1, 2.0, 3.0, 3.5, 4.0, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8, 4.8.1 |
Initializes a new instance of the FormsAuthenticationTicket class with cookie name, version, expiration date, issue date, persistence, and user-specific data. The cookie path is set to the default value established in the application's configuration file.
public:
FormsAuthenticationTicket(int version, System::String ^ name, DateTime issueDate, DateTime expiration, bool isPersistent, System::String ^ userData);public FormsAuthenticationTicket(int version, string name, DateTime issueDate, DateTime expiration, bool isPersistent, string userData);new System.Web.Security.FormsAuthenticationTicket : int * string * DateTime * DateTime * bool * string -> System.Web.Security.FormsAuthenticationTicketPublic Sub New (version As Integer, name As String, issueDate As DateTime, expiration As DateTime, isPersistent As Boolean, userData As String)Parameters
- version
- Int32
The version number of the ticket.
- name
- String
The user name associated with the ticket.
- issueDate
- DateTime
The local date and time at which the ticket was issued.
- expiration
- DateTime
The local date and time at which the ticket expires.
- isPersistent
- Boolean
true if the ticket will be stored in a persistent cookie (saved across browser sessions); otherwise, false. If the ticket is stored in the URL, this value is ignored.
- userData
- String
The user-specific data to be stored with the ticket.
Remarks
The FormsAuthenticationTicket object created by this constructor will have a CookiePath value set to the value of the FormsCookiePath.
Note
The userData parameter cannot be null.
See also
Applies to
.NET Framework 4.8.1 and other versions
| Product | Versions |
|---|---|
| .NET Framework | 1.1, 2.0, 3.0, 3.5, 4.0, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8, 4.8.1 |
Initializes a new instance of the FormsAuthenticationTicket class with cookie name, version, directory path, issue date, expiration date, persistence, and user-defined data.
public:
FormsAuthenticationTicket(int version, System::String ^ name, DateTime issueDate, DateTime expiration, bool isPersistent, System::String ^ userData, System::String ^ cookiePath);public FormsAuthenticationTicket(int version, string name, DateTime issueDate, DateTime expiration, bool isPersistent, string userData, string cookiePath);new System.Web.Security.FormsAuthenticationTicket : int * string * DateTime * DateTime * bool * string * string -> System.Web.Security.FormsAuthenticationTicketPublic Sub New (version As Integer, name As String, issueDate As DateTime, expiration As DateTime, isPersistent As Boolean, userData As String, cookiePath As String)Parameters
- version
- Int32
The version number of the ticket.
- name
- String
The user name associated with the ticket.
- issueDate
- DateTime
The local date and time at which the ticket was issued.
- expiration
- DateTime
The local date and time at which the ticket expires.
- isPersistent
- Boolean
true if the ticket will be stored in a persistent cookie (saved across browser sessions); otherwise, false. If the ticket is stored in the URL, this value is ignored.
- userData
- String
The user-specific data to be stored with the ticket.
- cookiePath
- String
The path for the ticket when stored in a cookie.
Examples
The following code example stores the result of the Encrypt method in a cookie using the FormsCookieName property and redirects the user to the URL returned from the GetRedirectUrl method.
Important
This example contains a text box that accepts user input, which is a potential security threat. By default, ASP.NET Web pages validate that user input does not include script or HTML elements. For more information, see Script Exploits Overview.
<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
private void Login_Click(Object sender, EventArgs e)
{
// Create a custom FormsAuthenticationTicket containing
// application specific data for the user.
string username = UserNameTextBox.Text;
string password = UserPassTextBox.Text;
bool isPersistent = false;
if (Membership.ValidateUser(username, password))
{
string userData = "ApplicationSpecific data for this user.";
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
username,
DateTime.Now,
DateTime.Now.AddMinutes(30),
isPersistent,
userData,
FormsAuthentication.FormsCookiePath);
// Encrypt the ticket.
string encTicket = FormsAuthentication.Encrypt(ticket);
// Create the cookie.
Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));
// Redirect back to original URL.
Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent));
}
else
{
Msg.Text = "Login failed. Please check your user name and password and try again.";
}
}
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Forms Authentication Login</title>
</head>
<body>
<form id="form1" runat="server">
<span style="BACKGROUND: #80ff80; font-weight:bold">
Login Page
</span>
<asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />
<table border="0">
<tbody>
<tr>
<td>Username:</td>
<td><asp:TextBox id="UserNameTextBox" runat="server" /></td>
<td>
<asp:RequiredFieldValidator id="RequiredFieldValidator1"
runat="server" ErrorMessage="*"
Display="Static"
ControlToValidate="UserNameTextBox" />
</td>
</tr>
<tr>
<td>Password:</td>
<td><asp:TextBox id="UserPassTextBox" TextMode="Password" runat="server" /></td>
<td>
<asp:RequiredFieldValidator id="RequiredFieldValidator2"
runat="server" ErrorMessage="*"
Display="Static"
ControlToValidate="UserPassTextBox" />
</td>
</tr>
</tbody>
</table>
<input type="submit" value="Login" runat="server" onserverclick="Login_Click" />
</form>
</body>
</html>
<%@ Page Language="VB" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
Private Sub Login_Click(sender As Object, e As EventArgs)
' Create a custom FormsAuthenticationTicket containing
' application specific data for the user.
Dim username As String = UserNameTextBox.Text
Dim password As String = UserPassTextBox.Text
Dim isPersistent As Boolean = False
If Membership.ValidateUser(username, password) Then
Dim userData As String = "ApplicationSpecific data for this user."
Dim ticket As FormsAuthenticationTicket = New FormsAuthenticationTicket(1, _
username, _
DateTime.Now, _
DateTime.Now.AddMinutes(30), _
isPersistent, _
userData, _
FormsAuthentication.FormsCookiePath)
' Encrypt the ticket.
Dim encTicket As String = FormsAuthentication.Encrypt(ticket)
' Create the cookie.
Response.Cookies.Add(New HttpCookie(FormsAuthentication.FormsCookieName, encTicket))
' Redirect back to original URL.
Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent))
Else
Msg.Text = "Login failed. Please check your user name and password and try again."
End If
End Sub
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Forms Authentication Login</title>
</head>
<body>
<form id="form1" runat="server">
<span style="BACKGROUND:#80ff80; font-weight:bold">
Login Page
</span>
<asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />
<table border="0">
<tbody>
<tr>
<td>Username:</td>
<td><asp:TextBox id="UserNameTextBox" runat="server" /></td>
<td>
<asp:RequiredFieldValidator id="RequiredFieldValidator1"
runat="server" ErrorMessage="*"
Display="Static"
ControlToValidate="UserNameTextBox" />
</td>
</tr>
<tr>
<td>Password:</td>
<td><asp:TextBox id="UserPassTextBox" TextMode="Password" runat="server" /></td>
<td>
<asp:RequiredFieldValidator id="RequiredFieldValidator2"
runat="server" ErrorMessage="*"
Display="Static"
ControlToValidate="UserPassTextBox" />
</td>
</tr>
</tbody>
</table>
<input type="submit" value="Login" runat="server" onserverclick="Login_Click" />
</form>
</body>
</html>
Remarks
Note
The userData parameter cannot be null.
See also
Applies to
.NET Framework 4.8.1 and other versions
| Product | Versions |
|---|---|
| .NET Framework | 1.1, 2.0, 3.0, 3.5, 4.0, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8, 4.8.1 |
