Share via


PassportIdentity.GetIsAuthenticated(int,bool,bool)

PassportIdentity.GetIsAuthenticated(int,bool,bool)

Indicates the presence of a valid Microsoft .NET Passport Ticket cookie in the caller's domain or a fresh Ticket on the query string. This method determines if the current user is authenticated based on the iTimeWindow and the bForceLogin parameters.

Syntax

public bool GetIsAuthenticated(   int iTimeWindow,   bool bForceLogin,   bool bUseSecureAuth)

Parameters

  • iTimeWindow
    Specifies the interval during which users must have last signed in to the calling domain. Pass -1 to indicate that .NET Passport should use the default value. The value entered for iTimeWindow must be -1, greater than or equal to 20, and less than 2678400 (between 20 seconds and 31 days).
  • bForceLogin
    If set to true, then users must also have given their passwords on the Login server's Sign-in page within the iTimeWindow interval. If set to false, then they may have signed in using silent refresh or manual sign-in.
  • bUseSecureAuth
    A Boolean value that declares the secure level with which the Sign-in page will be served. false is the equivalent of secure level 0. true is the equivalent of secure level 10. For more information about these secure level values, see PassportIdentity.GetIsAuthenticated(int,int,int).

Return value

true if the user has been authenticated to a central site responsible for .NET Passport authentication within the iTimeWindow. If bForceLogin is set to true, then users must also have given their passwords at the Login server within the time specified by iTimeWindow. All other cases return false.

Example 1

The following C# example uses the GetIsAuthenticated method to check for the time since the last authentication. If the time is less than 600 seconds, a silent sign-in is performed. If the time is between 600 seconds and an hour (3600 seconds), a manual sign-in is required. If the time is greater than an hour, a warning that the user has not been authenticated within the last hour is displayed.

<%@ Page Language="C#"%>
<HTML>
<HEAD><TITLE>Mysample - Exercise - CS</TITLE></HEAD>
<Script language="C#" runat="server">
 string sServer;
 PassportIdentity oMgr;
 string sthisURL, sruURL;

 protected void Page_Load(Object src, EventArgs e) {
  sServer = Request.ServerVariables["SERVER_NAME"];
  oMgr = (PassportIdentity)User.Identity;
  sthisURL = "https://" + sServer + Request.ServerVariables["SCRIPT_NAME"];
  sruURL = "https://" + sServer + "/BriefCS/Mysample.aspx";
 }
</Script>
<%
if (oMgr.GetIsAuthenticated(600,false,false)) {
 //You have been authenticated within the last 600 seconds, either silently or using
 //your password. Do a silent sign-in and return to the sruURL defined above.
 oMgr.LoginUser(sruURL,20,false,null,1033,null,01,false,null);
}
else if (oMgr.GetIsAuthenticated(3600,true,false)  ) {
 //If you fail the above test, but you have been authenticated using
 //your password within the past hour, you can sign in again, using your
 //password. Upon your sign-in, return to the sruURL defined above.
 oMgr.LoginUser(sruURL,60,true,null,1033,null,01,false,null);
}
else {
 Response.Write ("You have not been authenticated within the last hour. Please exit.");
} // End if GetIsAuthenticated
%>
</HTML> 

Example 2

The following example uses the GetIsAuthenticated method to ensure that the user has been authenticated within the previous hour and then displays the user's first name and .NET Passport Unique ID (PUID) as well as the Ticket age, time since sign-in, and Site ID. If the user has not been authenticated within the previous hour, a warning note is displayed.

<%@ Page Language="C#"%>
<HTML>
<HEAD><TITLE>Mysample - Exercise - CS</TITLE></HEAD>
<Script language="C#" runat="server">
 string sServer;
 PassportIdentity oMgr;
 string sthisURL, sruURL;

 protected void Page_Load(Object src, EventArgs e) {
  sServer = Request.ServerVariables["SERVER_NAME"];
  oMgr = (PassportIdentity)User.Identity;
  sthisURL = "https://" + sServer + Request.ServerVariables["SCRIPT_NAME"];
  sruURL = "https://" + sServer + "/BriefCS/Mysample.aspx";
 }
</Script>
<%
if (oMgr.GetIsAuthenticated(3600,false,false) ) {
 //You have been authenticated with the last hour. Display the user's information.
 Response.Write ("Hello " + oMgr.GetProfileObject("Firstname") + ".");

 if (oMgr.GetIsAuthenticated(60,true,false) ) {
  Response.Write("<br>You have signed in using your password within the last 60 seconds.");
 }
 else {
  Response.Write("<br>You have not signed in using your password within the last 60 seconds.");
 }

 Response.Write("<br>Your unique identifier is " + oMgr.HexPUID + ".");
 Response.Write("<br>Your ticket is " + oMgr.TicketAge + " seconds old.");
 Response.Write("<br>You signed in " + oMgr.TimeSinceSignIn + " seconds ago.");
 Response.Write("<br>Your server SiteID = " + oMgr.GetCurrentConfig("SiteID") + ".");
}
else {
 Response.Write ("You have not been authenticated within the last hour.");
} // End if GetIsAuthenticated
%>
</HEAD>
</HTML> 

Example 3

The following example uses the GetIsAuthenticated method with the bForceWindow to determine if a manual or silent sign-in was last used to authenticate the user. The only difference between the two statements is the bForceLogin parameter.

<%@ Page Language="C#"%>
<HTML>
<HEAD><TITLE>Mysample - Exercise - CS</TITLE></HEAD>
<Script language="C#" runat="server">
 string sServer;
 PassportIdentity oMgr;
 string sthisURL, sruURL;

 protected void Page_Load(Object src, EventArgs e) {
  sServer = Request.ServerVariables["SERVER_NAME"];
  oMgr = (PassportIdentity)User.Identity;
  sthisURL = "https://" + sServer + Request.ServerVariables["SCRIPT_NAME"];
  sruURL = "https://" + sServer + "/BriefCS/Mysample.aspx";
 }
</Script>
<%
if (oMgr.GetIsAuthenticated(30,false,false) ) {
 Response.Write ("You were authenticated manually or silently within the last 30 seconds.");
}
if (oMgr.GetIsAuthenticated(30,true,false) ) {
 Response.Write ("<br>You were authenticated manually within the last 30 seconds.");
}

//If over 40 seconds, do a silent sign-in
if (oMgr.TicketAge > 40) {
 oMgr.LoginUser(sthisURL,40,false,null,1033,null,-1,false,null);
}

Response.Write("<br><br>TicketAge = " + oMgr.TicketAge);
%>
</HEAD>
</HTML> 

Remarks

In Example 1, if the authentication has been accomplished within the previous 600 seconds, a silent refresh is used. The silent sign-in resets the HasTicket property to 0 but does not reset the TimeSinceSignIn property. If the authentication has been performed between 600 seconds and an hour, a manual sign-in is required. The manual sign-in resets both the HasTicket and TimeSinceSignIn properties to 0.

You can use the GetIsAuthenticated method to ensure that the user is a valid user before displaying .NET Passport properties or using .NET Passport methods on the object. Example 2 displays a means to verify that the user has been authenticated within the previous hour before it displays any properties or methods.

Example 3 uses GetIsAuthenticated along with the iForceLogin parameter to determine if the user has last been authenticated with a manual or a silent sign-in. If the user has performed a manual sign-in within 30 seconds of entering this page, the message "You were authenticated manually within the last 30 seconds" will be displayed to the user. Refreshing this page after the Ticket age reaches 40 seconds will perform a silent sign-in and the message "You were authenticated manually or silently within the last 30 seconds" will be displayed.

If the GetIsAuthenticated returns false and the HasTicket property is true, the user has a stale Ticket, which means the Ticket was obtained beyond the iTimeWindow of GetIsAuthenticated and should be refreshed.

See Also

Passport PassportIdentity Object | PassportIdentity.IsAuthenticated | PassportIdentity.HasTicket | PassportIdentity.TimeSinceSignIn | PassportIdentity.TicketAge