How to: Display the Caller's Sign-In Status

[Starting with the .NET Framework 4.5, Windows Identity Foundation (WIF) has been fully integrated into the .NET Framework. The version of WIF addressed by this topic, WIF 3.5, is deprecated and should only be used when developing against the .NET Framework 3.5 SP1 or the .NET Framework 4. For more information about WIF in the .NET Framework 4.5, also known as WIF 4.5, see the Windows Identity Foundation documentation in the .NET Framework 4.5 Development Guide.]

Typically, an ASP.NET Web site requires that the user sign in before letting the user access certain parts of the site. Windows® Identity Foundation (WIF) provides a set of Web controls to make this authentication process easier.

Once you have signed in a user, you might want to show the user’s sign-in status. WIF provides the SignInStatus control for this scenario. If the user is already signed in, this control appears as a “Sign Out” link. If the user is not signed in, it appears as a “Sign In” link that redirects the user to the logon page that is configured for the Web application. To use this control, the Web application must be configured to use forms-based logon. For details, see How to: Implement Simple Forms Authentication.

Display Sign-In Status Using the SignInStatus Control

When you install WIF, the WIF controls are installed into the Visual Studio toolbox for you. If you don’t see them, you can install them manually by opening the toolbox, right-clicking it and then selecting Choose Items.... In the resulting dialog box, select the .NET Framework Components tab and then click the Browse button in the lower-right corner. Select the Microsoft.IdentityModel.dll assembly from the Reference Assemblies directory inside the WIF installation folder and then click Open. Then click OK. The new controls should appear inside the toolbox windows under the Windows® Identity Foundation (WIF) Controls category. One of the controls is called SignInStatus and that’s the one that you will be using in the following steps.

  1. Enable the Session Authentication Module for the Web application (see Establishing Trust from an ASP.NET Relying Party Application to an STS using FedUtil).

  2. Add a SignInStatus control to the Web page from the Visual Studio toolbox dialog box.

  3. Configure the control as necessary.

To show this control only when the user is signed in, add this control inside a LoggedInTemplate element of the LoginView control provided by ASP.NET. An example of this is shown here.

<asp:LoginView ID="LoginView1" runat="server">
            Welcome:<asp:LoginName ID="LoginName1" runat="server" />
            <br />
            <br />
            <wif:SignInStatus ID="SignInStatus1" runat="server" />
            <br />