Click here to Skip to main content
13,147,182 members (30,331 online)
Click here to Skip to main content


161 bookmarked
Posted 2 Nov 2003

Custom Authentication provider by implementing IHttpModule, IPrincipal and IIdentity

, 2 Nov 2003
An article on writing Custom Authentication provider in ASP.NET
<?xml version="1.0" encoding="utf-8" ?>
          Set compilation debug="true" to enable ASPX debugging.  Otherwise, setting this value to
          false will improve runtime performance of this application. 
          Set compilation debug="true" to insert debugging symbols (.pdb information)
          into the compiled page. Because this creates a larger file that executes
          more slowly, you should set this value to true only when debugging and to
          false at all other times. For more information, refer to the documentation about
          debugging ASP .NET files.
		<compilation defaultLanguage="c#" debug="true" />
          Set customError mode values to control the display of user-friendly 
          error messages to users instead of error details (including a stack trace):

          "On" Always display custom (friendly) messages  
          "Off" Always display detailed ASP.NET error information.
          "RemoteOnly" Display custom (friendly) messages only to users not running 
          on the local Web server. This setting is recommended for security purposes, so 
          that you do not display application detail information to remote clients.
		<customErrors mode="RemoteOnly" />
          This section sets the authentication policies of the application. Possible modes are "Windows", "Forms", 
          "Passport" and "None"
		<authentication mode="Windows" />
          Application-level tracing enables trace log output for every page within an application. 
          Set trace enabled="true" to enable application trace logging.  If pageOutput="true", the
          trace information will be displayed at the bottom of each page.  Otherwise, you can view the 
          application trace log by browsing the "trace.axd" page from your web application
		<trace enabled="false" requestLimit="10" pageOutput="false" traceMode="SortByTime" localOnly="true" />
          By default ASP .NET uses cookies to identify which requests belong to a particular session. 
          If cookies are not available, a session can be tracked by adding a session identifier to the URL. 
          To disable cookies, set sessionState cookieless="true".
		<sessionState mode="InProc" stateConnectionString="tcpip=" sqlConnectionString="data source=;user id=sa;password=" cookieless="false" timeout="20" />
          This section sets the globalization settings of the application. 
		<globalization requestEncoding="utf-8" responseEncoding="utf-8" />
		<!-- Add a Custom Authentication module -->
			<add name="CustomAuthenticationModule" type="CustomSecurity.CustomAuthenticationModule, CustomSecurity" />
		<!-- Parameters for the Login page URL and Cookie Name -->
		<add key="CustomAuthentication.LoginUrl" value="/Login.aspx" />
		<add key="CustomAuthentication.Cookie.Name" value=".CUSTOM_AUTH" />
		<!--		<add key="CustomAuthentication.Cookie.Expiration" value="2" />-->

By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.

If a file you wish to view isn't highlighted, and is a text file (not binary), please let us know and we'll add colourisation support for it.


This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here


About the Author

I Piscean
Web Developer
United States United States
No Biography provided

You may also be interested in...

Permalink | Advertise | Privacy | Terms of Use | Mobile
Web01 | 2.8.170915.1 | Last Updated 3 Nov 2003
Article Copyright 2003 by I Piscean
Everything else Copyright © CodeProject, 1999-2017
Layout: fixed | fluid