FormsAuthenticationEventArgs.User Property

Reference

Definition

Namespace:: System.Web.Security

Assembly:: System.Web.dll

Important

Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Gets or sets the IPrincipal object to be associated with the current request.

public:
 property System::Security::Principal::IPrincipal ^ User { System::Security::Principal::IPrincipal ^ get(); void set(System::Security::Principal::IPrincipal ^ value); };

public System.Security.Principal.IPrincipal User { get; set; }

member this.User : System.Security.Principal.IPrincipal with get, set

Public Property User As IPrincipal

Property Value

IPrincipal

The IPrincipal object to be associated with the current request.

Examples

The following example uses the FormsAuthentication_OnAuthenticate event to set the User property of the current HttpContext to a GenericPrincipal object with a custom Identity.

public void FormsAuthentication_OnAuthenticate(object sender, FormsAuthenticationEventArgs args)
{
  if (FormsAuthentication.CookiesSupported)
  {
    if (Request.Cookies[FormsAuthentication.FormsCookieName] != null)
    {
      try
      {
        FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(
          Request.Cookies[FormsAuthentication.FormsCookieName].Value);
        
        args.User = new System.Security.Principal.GenericPrincipal(
          new Samples.AspNet.Security.MyFormsIdentity(ticket),
          new string[0]);
      }
      catch (Exception e)
      {
        // Decrypt method failed.
      }
    }
  }
  else
  {
    throw new HttpException("Cookieless Forms Authentication is not " +
                            "supported for this application.");
  }
}

Public Sub FormsAuthentication_OnAuthenticate(sender As Object, _
                                              args As FormsAuthenticationEventArgs)
  If FormsAuthentication.CookiesSupported Then
    If Not Request.Cookies(FormsAuthentication.FormsCookieName) Is Nothing Then
      Try
        Dim ticket As FormsAuthenticationTicket = FormsAuthentication.Decrypt( _
          Request.Cookies(FormsAuthentication.FormsCookieName).Value)
        
        args.User = New System.Security.Principal.GenericPrincipal( _
          New Samples.AspNet.Security.MyFormsIdentity(ticket), _
          New String(0) {})
      Catch e As HttpException
        ' Decrypt method failed.
      End Try
    End If
  Else
      Throw New Exception("Cookieless Forms Authentication is not " & _
                            "supported for this application.")
  End If
End Sub

Remarks

You can use the User property to set the User property of the current HttpContext to a custom IPrincipal object.

If you do not specify a value for the User property during the FormsAuthentication_OnAuthenticate event, the identity supplied by the forms authentication ticket in the cookie or URL is used.

Applies to

Product	Versions
.NET Framework	1.1, 2.0, 3.0, 3.5, 4.0, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8, 4.8.1

Share via