|
|||||||||
|
|||||||||
|
|||||||||
 |
|||||||||
 |
||
|
|
|
|
|||||||||
|
|||||||||
|
|||||||||
|
|||||||||
| |
||
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
ASP Free Forums Sponsor:
|
|
Free Web 2.0 Code Generator! Generate data entry and reporting .NET Web apps in minutes. Quickly create visually stunning, feature-rich apps that are easy to customize and ready to deploy. Download Now!
|
|
#1
March 26th, 2008, 12:28 PM
|
|||
|
|||
|
FormsAuthentication?
Hello all.
What is the advantage/disadvantage of using FormsAuthentication.RedirectFromLoginPage E.g. What is the different between the following: Code:
if( IsUserAuthenticated(txtUser, txtPassword) )
{
// Create the authetication ticket
FormsAuthenticationTicket authTicket new FormsAuthenticationTicket(1, txtUserName.Text, DateTime.Now, DateTime.Now.AddMinutes(60), False , groups);
// Now encrypt the ticket.
string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
// Create a cookie and add the encrypted ticket to the cookie as data.
HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
// Add the cookie to the outgoing cookies collection.
Response.Cookies.Add(authCookie);
// Redirect the user to the originally requested page
Response.Redirect(FormsAuthentication.GetRedirectU rl(txtUserName.Text,false));
}
Versus this: Code:
if( IsUserAuthenticated(txtUser, txtPassword) )
{
FormsAuthentication.RedirectFromLoginPage(txtUser. Text, false);
}
Does the 2nd parameter of RedirectFromLoginPage do all the dirty work of creating the cookie for us? Thanks for any insight into this
|
|
#2
March 26th, 2008, 12:38 PM
|
||||
|
||||
|
The second parameter simply states that the cookie will or will not be persistent. If set to True, then the cookie will be left on the user's machine even after the session times out or they close the browser. If they were to come back, they would still be logged in. On many login forms, you will see a checkbox stating "Remember Me". That's what the second parameter does. If you were to have a 'remember me' checkbox on your login form, you could pass that checkbox value to the function like so:
Code:
FormsAuthentication.RedirectFromLoginPage(txtUser. Text, Checkbox1.Checked); The advantage of the second code snippet is that it is faster, but I suppose the advantage of the first code snippet is that you could further customize what you want to happen when a user logs in.
__________________
jmurrayhead Did I help you out? Make me popular by clicking the  icon!New Members:Proper way to post a question Powered by ASP.Net
|
|
#3
March 26th, 2008, 03:11 PM
|
|||
|
|||
|
Thanks for the reply jmurrayhead.
So by using the 2nd method, does it implicity do the things that the first method does? (i.e. create an encrypted cookie?) My concern is that the 2nd method does not do any encryption, leaving the authentication information exposed someplace 
|
|
| Viewing: ASP Free Forums > Programming > .NET Development > FormsAuthentication? |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
|
 |
|
|
 |
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
