Click here to Skip to main content
15,885,278 members
Search within:


Articles / Web Development / ASP.NET
 

The Anatomy of Forms Authentication

Rate me:
Please Sign up or sign in to vote.
4.54/5 (32 votes)
14 Mar 2008CPOL6 min read 84.9K   566   68  
In this article, I will attempt explain in “gory” technical details how Forms Authentication works
 
using System;
using System.Collections.Generic;
using System.Text;
using System.Security;
using System.Security.Cryptography;

namespace GSS.Web.Security
{
    [System.Serializable()]
    public class FormsAuthenticationTicket
    {
        private int _version = 0;
        private string _userName = string.Empty;
        private string _userData = string.Empty;
        private string _appPath = string.Empty;
        private DateTime _expires = DateTime.MinValue;
        private DateTime _issueDate = DateTime.MinValue;
        private bool _isPersistent = false;

        public int Version
        {
            get { return _version; }
        }
        public string Username
        {
            get { return _userName; }
        }
        public string UserData
        {
            get { return _userData; }
        }
        public string AppPath
        {
            get { return _appPath; }
        }
        public DateTime Expires
        {
            get { return _expires; }
        }
        public DateTime IssueDate
        {
            get { return _issueDate; }
        }
        public bool IsPersistent
        {
            get { return _isPersistent; }
        }
        public bool IsExpired
        {
            get{return DateTime.Now > _expires;}
        }

        public FormsAuthenticationTicket(string username, string userdata, string appPath,
            DateTime issued, DateTime expires, int version, bool isPersistent)
        {
            if (username == null || username == string.Empty)
                throw new ArgumentException("username");
            else
                _userName = username;
            if (userdata == null)
                _userData = "";
            else
                _userData = userdata;
            if (appPath == null)
                _appPath = "/";
            else if (!appPath.StartsWith("/"))
                _appPath = "/" + appPath;
            else
                _appPath = appPath;            
            if (issued == DateTime.MinValue)
                _issueDate = DateTime.Now;
            else
                _issueDate = issued;
            if (expires == DateTime.MinValue)
                _expires = DateTime.Now.AddMinutes(GSS.Web.Security.Properties.Settings.Default.CookieTimeOut);
            else
                _expires = expires;
            if (version > 0)
                _version = version;
            else
                _version = 1;
            
        }
    }
}

By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.

If a file you wish to view isn't highlighted, and is a text file (not binary), please let us know and we'll add colourisation support for it.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


Written By
Jarrad Winter
United States United States
This member has not yet provided a Biography. Assume it's interesting and varied, and probably something to do with programming.

Comments and Discussions

Permalink
Advertise
Privacy
Cookies
Terms of Use
Layout: fixed | fluid

Posted 19 Dec 2006

Article Copyright 2006 by Jarrad Winter
Everything else Copyright © CodeProject, 1999-2024

Web02 2.8:2024-04-02:1