AuthManager.IsAuthenticated Method (PIA)
Use this method to determine whether the current user has a valid AuthTicketType ticket. This method also allows the determination of whether the user has been authenticated within a specified period of time.
Definition
[Visual Basic .NET]
Imports Microsoft.CommerceServer.Interop
…
Public Function IsAuthenticated(OptionalTimeWindow As Integer) As Boolean
[C#]
using Microsoft.CommerceServer.Interop;
…
bool IsAuthenticated(intTimeWindow);
Parameters
[Visual Basic .NET]
- TimeWindow
An optional Integer that contains a time period in minutes. The default value is 0.
[C#]
- TimeWindow
An int that contains a time period in minutes. For additional information, see the Remarks section.
Return Values
[Visual Basic .NET] If this method completes successfully, it returns a Boolean that indicates the authentication status of the current user.
[C#] This method returns a Boolean value indicating whether the user is authenticated.
Exceptions
This method may throw one of many mapped exceptions or an exception of type COMException. See Standard COM Errors for additional details.
[Visual Basic .NET]
The following table shows the custom COM errors that this method can return.
Value | Description |
---|---|
&HC1004C24 | This method should only be called within an ASP page. |
&HC1004C10 | The Initialize method must be called with the installed site name before calling this method. |
[C#]
The following table shows the custom COM errors that a COMException can wrap.
Value | Description |
---|---|
0xC1004C24 | This method should only be called within an ASP page. |
0xC1004C10 | The Initialize method must be called with the installed site name before calling this method. |
Remarks
An AuthTicketType ticket contains the time the user last logged in and a time window of validity. The ticket is no longer valid if the time since the last login has exceeded the time window specified in the SetAuthTicket method when the ticket was generated.
The time window parameter, TimeWindow, of this method allows checking whether the time since the user last logged in has exceeded a shorter time interval than the time window specified by the SetAuthTicket method. A value of zero (0) is equivalent to setting the time window to the same value as specified in the SetAuthTicket method.
This method returns False if the user does not have an AuthTicketType ticket, the ticket is invalid, or the time since the user last logged in has exceeded the specified time window.
If the ticket is within five minutes of expiring, the last login time is refreshed to the current time, allowing an additional period for the ticket to be valid.
Note
The expiration timestamp starts when the user initially logs on to the Web site. It does not update on subsequent requests. If your users are experiencing AuthTicket expirations, we recommend that you increase the time window.
If after you increase the time window, and the AuthTicket continues to expire, you can set a new AuthTicket upon each Web page hit. However, you must make sure that the user is already authenticated so you do not issue the user a ticket when they should not have one. If you issue a ticket on every page, you will experience a performance degradation on your Web site.
Ensure a log-off page is created and called for any logged-in user. The log-off page should either expire the AuthTicketType cookie or clear its contents.
Requirements
Namespace: Microsoft.CommerceServer.Interop
Platforms: Windows 2000, Windows Server 2003
Assembly: mscsauthlib (in mscsauthlib.dll)
See Also
Copyright © 2005 Microsoft Corporation.
All rights reserved.