ASP.NET Forms Authentication - How to Know if User Has Previously Been Authenticated

D

David Krussow

The 2nd parameter of the
[System.Web.Security.FormsAuthentication.RedirectFromLoginPage(string,
bool)] method controls whether a persistent cookie is created - so that
ASP.NET can "know" if the current user has been previously authenticated
(during previous browser sessions).

My question: How can code I write elsewhere in the application retrieve that
cookie - or otherwise "know" if the current user has been authenticated? My
intent is to have some pages in the application that do not require
authentication in order to be viewed, but do display additional content only
for users who have been authenticated (during the curren session or a
previous browser session). That logic would need to somehow look for the
cookie that was created during authentication or verify that no such cookie
exists. How do I do that?

Thanks
 
J

John Saunders

David Krussow said:
The 2nd parameter of the
[System.Web.Security.FormsAuthentication.RedirectFromLoginPage(string,
bool)] method controls whether a persistent cookie is created - so that
ASP.NET can "know" if the current user has been previously authenticated
(during previous browser sessions).

My question: How can code I write elsewhere in the application retrieve that
cookie - or otherwise "know" if the current user has been authenticated? My
intent is to have some pages in the application that do not require
authentication in order to be viewed, but do display additional content only
for users who have been authenticated (during the curren session or a
previous browser session). That logic would need to somehow look for the
cookie that was created during authentication or verify that no such cookie
exists. How do I do that?

You don't need to do anything with the cookie.

Request.IsAuthenticated will tell you if the current request is
authenticated.
 
R

Richard

I'm having the same problem as stated in the start of the thread and
Request.IsAuthenticated does not work because no methods for
authentication have been called.

My index page allows access to anonymous users via the web.config file,
but I would also like to use user-specific information on that page if
they've been there before How do I access previous presistent cookies
or tickets on a anonymous page?

For example: first, the user logs on to my site and checks "Remember my
ID" (persistent cookie). Then, they close the browser, thus ending the
session. Finally, the user comes back to the index page that users
don't have to be logged in to see, but the this user does see "you are
logged in" because their FormsAuthentication ticket was set to
persistent when they first logged in. In this scenario,
Request.IsAuthenticated = false when they open the new session. If they
go to a protected page, they don't have to log in and now
Request.IsAuthenticated = true.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,743
Messages
2,569,478
Members
44,899
Latest member
RodneyMcAu

Latest Threads

Top