473,320 Members | 1,914 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

FormsAuthentication cookie

Hello group,

I use Forms Authentication in my web application and I am not sure I
understand the way the cookie works.

I use the SetAuthCookie method with a database identifier as userName, as
I would like the website to remember who is logged in (and I guess it
doesn't matter wether I store a name or an identifier, which is much more
convenient for me) :

FormsAuthentication.SetAuthCookie(reader["CTC_ID"].ToString(), true);

But then, I don't find any way to get it back later. The cookie contains
a very long string, is it encrypted ? Or do I need to set up a special
cookie to store my identifier ?

Karine Proot
G-Fit
Jul 21 '05 #1
2 1525
AFAIK you cann't access the forms authentication cookie in the same way as
you would a normal cookie - it is used intermally by the forms
authentication processing. The only reason for specifying a particular
cookie is to avoid a possible name mismatch with other cookies, or other web
apps running on the same server.

If you want to store information about the user I think you should use the
Session object as normal. However, be aware that the forms authentication
timeout might not be the same as the session timeout, so your code cannot
assume that a Session exists if and only if the user is authenticated.

Andy

"G-Fit" <ms**@g-fit.fr> wrote in message
news:%2****************@TK2MSFTNGP12.phx.gbl...
Hello group,

I use Forms Authentication in my web application and I am not sure I
understand the way the cookie works.

I use the SetAuthCookie method with a database identifier as userName, as I would like the website to remember who is logged in (and I guess it
doesn't matter wether I store a name or an identifier, which is much more
convenient for me) :

FormsAuthentication.SetAuthCookie(reader["CTC_ID"].ToString(), true);

But then, I don't find any way to get it back later. The cookie contains a very long string, is it encrypted ? Or do I need to set up a special
cookie to store my identifier ?

Karine Proot
G-Fit

Jul 21 '05 #2

"Andy Fish" <aj****@blueyonder.co.uk> a écrit dans le message de
news:Bn*********************@news-text.cableinet.net...
AFAIK you cann't access the forms authentication cookie in the same way as
you would a normal cookie - it is used intermally by the forms
authentication processing. The only reason for specifying a particular
cookie is to avoid a possible name mismatch with other cookies, or other web apps running on the same server.

If you want to store information about the user I think you should use the
Session object as normal. However, be aware that the forms authentication
timeout might not be the same as the session timeout, so your code cannot
assume that a Session exists if and only if the user is authenticated.


That is exactly the problem I have, and that's why I tried to use the
authentication cookie alone.
Anyway, thanks for your answer !
Jul 21 '05 #3

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
by: George Durzi | last post by:
When you call FormsAuthentication.SignOut(), is the FormsAuthentication cookie supposed to be destroyed automatically? I'm creating my FormsAuthentication cookie by doing: HttpCookie oCookie =...
2
by: StanD | last post by:
At the end of my login process I am generating my own Persistent FormsAuthentication ticket. I encode this and set a cookie value. I then use Response.Cookies.Add(cookie), and I continue the...
4
by: Jeff B | last post by:
I am having a very perplexing problem with setting the user's roles. I have tried to figure this out for 2 days now. When the user logs in to the site, I retrieve the roles from the database and...
2
by: Grant Merwitz | last post by:
Hi, i am using forms authentication in an ASP.NET project I am setting the Forms authentication cookie by using: FormsAuthentication.RedirectFromLoginPage(UserName.Text, false); Now when i...
4
by: Matthias S. | last post by:
Hi there, I've created an application which is using Forms-based authentification. My Login-Button event handler looks somewhat like this: // validate the input, etc... // sUserName holds now...
1
by: Dean R. Henderson | last post by:
I setup FormsAuthentication on a couple websites where it has been working as expected for a long time. I used this code to setup the same type of authentication on a new website I am working on...
5
by: Ĺženol Akbulak | last post by:
Hello; I use in my web application FormsAuthentication. Also I use Session state (InProc). When a user logged in, I can read Session parameters. (For example Session). Problem is that, when...
8
by: Bill Henning | last post by:
Another developer and I have noticed that after upgrading to the ASP.NET 2.0 RTM release, when using: FormsAuthentication.SetAuthCookie(userName, true) That the cookie is no longer persisted,...
3
by: Noremac | last post by:
My google skills must be dwindling. I am trying to determine how in ASP.NET 2.0 I can get the ReturnUrl querystring variable in Forms Authentication to contain the absolute url. Just like others...
2
by: rn5a | last post by:
A web.config file has the following code: <configuration> <system.web> <authentication mode="Forms"> <forms name="NETConnectCookie" loginUrl="Login.aspx"> <credentials passwordFormat="SHA1"/>...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.