Share via


PassportIdentity.HasSavedPassword

PassportIdentity.HasSavedPassword

Declares whether the user has selected the option to be signed in automatically on the Microsoft .NET Passport Login page.

Syntax

public bool HasSavedPassword [get]

Property value

true if the user's Ticket indicates that the password was saved on the .NET Passport Login page the last time the Ticket was refreshed; otherwise, false.

Example

The following C# example uses HasSavedPassword to check for the Saved Password flag in the user's Ticket. If the user has been authenticated within the last 3600 seconds, has saved his or her password, but has not been authenticated within the last 120 seconds, the user is forced to perform a manual sign-in.

<%@ Page Language="C#"%>
<HTML>
<HEAD><TITLE>Mysample - Exercise - CS</TITLE></HEAD>
<Script language="C#" runat="server">
 string sServer;
 PassportIdentity oMgr;
 string sthisURL, sruURL;

 protected void Page_Load(Object src, EventArgs e) {
  sServer = Request.ServerVariables["SERVER_NAME"];
  oMgr = (PassportIdentity)User.Identity;
  sthisURL = "https://" + sServer + Request.ServerVariables["SCRIPT_NAME"];
  sruURL   = "https://" + sServer + "/BriefCS/Mysample.aspx";
}
</Script>
<%

if (oMgr.GetIsAuthenticated(3600,0,-1)) {
 //Check to see if the .NET Passport has been saved.
 Response.Write ("You are authenticated");

 if (oMgr.HasSavedPassword) {
   //If the last sign-in was more than 120 seconds ago, do a forced sign-in
   oMgr.LoginUser(sruURL,120,true,null,1033,null,-1,false,null);
  }
  else {
   Response.Write ("<br>On the sign-in, you did not save your password. The HasSavedPassword is False");
  }
 }
 else {
  Response.Write ("You have not been authenticated within the last hour.");
 } // End if GetIsAuthenticated

%>
</HTML>

Remarks

A read-only property. Users can choose to save their password so that they are not prompted to re-enter credentials when revisiting a site. With password saved, the network-issued "MSPSec" ticket-granting cookie persists across sessions and stores the encrypted password. All other .NET Passport cookies persist across sessions when this setting is enabled. When the HasSavedPassword property is set, the user remains signed in to .NET Passport all the time on that computer, until the user explicitly signs out by clicking the Sign Out button.

Closing a browser will not destroy cookies, and when a new session begins, the user will, whenever possible, be signed in automatically using saved credentials. The domain authority cookies are refreshed as often as necessary to meet participating-site requirements, but the user never sees the Login page or re-enters the sign-in name and password again, unless the ForceLogin parameter of the LoginUser, AuthURL2, or LogoTag2 method is set to true. In the preceding example, if the user is validated, but not in the previous 120 seconds, the user is forced to perform a manual sign-in.

See Also

Passport PassportIdentity Object | PassportIdentity.LoginUser | PassportIdentity.AuthUrl2 | PassportIdentity.LogoTag2