Custom Authentication

[Tarun Mistry]

Hi guys, im having a little problem getting my head around some concepts,
any help would be appreciated.

I have enabled forms authentication in my site using a Membership provider
(SQL based). I followed the tutorial set out by the 4 guys From Rolla
(http://aspnet.4guysfromrolla.com/articles/120705-1.aspx).

However, I see that I can use the Membership class myself to create my own
authentication systems instead of faffing around with the .NET 2.0
webcontrols. This is where I am failing (i.e im wanting to make my own
controls for authentication)

I understand that the Authenticate member authenticates a user, but then
when is a ticket issued? Secondly, where is this ticket stored? Is the
cookie updated? If I want to issue the ticket myself, how do I do this?

when i look at the info for the membership class, it used a second class
called "FormsAuthentication" with a similar array of functionality, I feel
im going in circles and a little confused.

Any help appreciated!

Many thanks.
Taz

 

[Tarun Mistry]

Any help appreciated!

Many thanks.
Taz

FYI, for anyone who was also stuck like i was.

The FormAuthentication class is the one that creates the encrypted ticket in
the cookie. Thus the following checks to see if a user is valid, if so it
"logs" them in by providing the secure cookie

if(Membership.ValidateUser("test", "test123"))
{ Forms.SetAuthCookie("test"); }

Finally, a user can be checked to be logged in on any page by
"User.Identity.IsAuthentication".

The following classes will be of use to anyone making there own
authentication systems on the back of the security model provided by ASP.NET
2.0

Membership
FormsAuthentication
FormsAuthenticationTicket

Cheers
Taz

 

[Edwin Knoppert]

Hello,

I use: context.Response.Cookies.Add(authCookie);

Should i use SetAuthCookie() instead?
Some of our users can not be authenticated (out of 1000's of users)

(It's an encrypted ticket)