FormsAuthentication.RequireSSL Property

Reference

Definition

Namespace:: System.Web.Security

Assembly:: System.Web.dll

Important

Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Gets a value indicating whether the forms-authentication cookie requires SSL in order to be returned to the server.

public:
 static property bool RequireSSL { bool get(); };

public static bool RequireSSL { get; }

static member RequireSSL : bool

Public Shared ReadOnly Property RequireSSL As Boolean

Property Value

Boolean

true if SSL is required to return the forms-authentication cookie to the server; otherwise, false. The default is false.

Examples

The following code example sets the requireSSL attribute in the Web.config file.

<authentication mode="Forms">
  <forms loginUrl="member_login.aspx"
    cookieless="UseCookies"
    requireSSL="true"
    path="/MyApplication" />
</authentication>

Remarks

The RequireSSL property value is set in the configuration file for an ASP.NET application by using the requireSSL attribute of the forms configuration element. You can specify in the Web.config file for your ASP.NET application whether SSL (Secure Sockets Layer) is required to return the forms-authentication cookie to the server by setting the requireSSL attribute . For more information, see Secure.

It is recommended that if you configure requireSSL as false, you also configure slidingExpiration as false, to reduce the amount of time for which a ticket is valid.

Applies to

Share via