C# Class Sholo.Web.Security.Authentication.User.UserAuthentication

UserAuthentication exposes a public API for use in working with stateful Forms Authentication in the .NET Framework.
Project: scottt732/SholoWebSecurity

Public Properties

Property Type Description
GuidStringLength int
HashAlgorithmByteLength int
HashAlgorithmStringLength int

Public Methods

Method Description
CalculateFormsAuthTicketHash ( System.Web.Security.FormsAuthenticationTicket formsAuthenticationTicket ) : string

Calculates the hash of the FormsAuthenticationTicket's properties concatenated together with the salt. This is used as a first line of defense against ticket tampering to potentially avoid an unnecessary read from the Provider.

ClearAuthCookie ( ) : void

Sends a blank and expired FormsAuthentication cookie to the client response. This effectively removes the FormsAuthentication cookie and revokes the FormsAuthenticationTicket. It also removes the cookie from the current Request object, preventing subsequent code from being able to access it during the execution of the current request. And just for good measure, it also replaces any existing principal in the current request pipeline with an anonymous one.

CreateFormsAuthTicket ( string username, string cookiePath, string serverKey, System.DateTime validFromDate, System.DateTime validUntilDate, bool persistent ) : System.Web.Security.FormsAuthenticationTicket

Creates a FormsAuthenticationTicket for storage on the client. The UserData field contains the server key, which can be used by the server-side Provider to retrieve validation data and additional details about the ticket (e.g. IP address).

GetAuthCookie ( System.Web.Security.FormsAuthenticationTicket ticket ) : System.Web.HttpCookie

Creates an HttpCookie containing an encrypted FormsAuthenticationTicket. The ticket must contain a hash and key into the Provider.

Initialize ( ) : void

Initializes configuration-related properties and validates configuration.

SetAuthCookie ( System.Web.Security.FormsAuthenticationTicket clientTicket, bool overwriteRequestCookie, bool writeResponseCookie ) : void

Encrypts a FormsAuthenticationTicket in an HttpCookie (using GetAuthCookie) and includes it in the current Request's Cookies collection and/or the Response's outbound Cookies collection.

ValidateFormsAuthTicketHash ( System.Web.Security.FormsAuthenticationTicket formsAuthenticationTicket, string expectedHash ) : bool

Calculates the hash of the formsAuthenticationTicket and compares it to the expected hash.

Private Methods

Method Description
UserAuthentication ( ) : System

Static constructor

Method Details

CalculateFormsAuthTicketHash() public static method

Calculates the hash of the FormsAuthenticationTicket's properties concatenated together with the salt. This is used as a first line of defense against ticket tampering to potentially avoid an unnecessary read from the Provider.
public static CalculateFormsAuthTicketHash ( System.Web.Security.FormsAuthenticationTicket formsAuthenticationTicket ) : string
formsAuthenticationTicket System.Web.Security.FormsAuthenticationTicket The formsAuthenticationTicket to compute the hash of
return string

ClearAuthCookie() public static method

Sends a blank and expired FormsAuthentication cookie to the client response. This effectively removes the FormsAuthentication cookie and revokes the FormsAuthenticationTicket. It also removes the cookie from the current Request object, preventing subsequent code from being able to access it during the execution of the current request. And just for good measure, it also replaces any existing principal in the current request pipeline with an anonymous one.
public static ClearAuthCookie ( ) : void
return void

CreateFormsAuthTicket() public static method

Creates a FormsAuthenticationTicket for storage on the client. The UserData field contains the server key, which can be used by the server-side Provider to retrieve validation data and additional details about the ticket (e.g. IP address).
public static CreateFormsAuthTicket ( string username, string cookiePath, string serverKey, System.DateTime validFromDate, System.DateTime validUntilDate, bool persistent ) : System.Web.Security.FormsAuthenticationTicket
username string User associated with the ticket
cookiePath string Relative path on server in which cookie is valid
serverKey string Provider key
validFromDate System.DateTime Ticket valid from date
validUntilDate System.DateTime Ticket valid to date
persistent bool Ticket can persist across browser sessions
return System.Web.Security.FormsAuthenticationTicket

GetAuthCookie() public static method

Creates an HttpCookie containing an encrypted FormsAuthenticationTicket. The ticket must contain a hash and key into the Provider.
public static GetAuthCookie ( System.Web.Security.FormsAuthenticationTicket ticket ) : System.Web.HttpCookie
ticket System.Web.Security.FormsAuthenticationTicket The FormsAuthenticationTicket to encode
return System.Web.HttpCookie

Initialize() public static method

Initializes configuration-related properties and validates configuration.
public static Initialize ( ) : void
return void

SetAuthCookie() public static method

Encrypts a FormsAuthenticationTicket in an HttpCookie (using GetAuthCookie) and includes it in the current Request's Cookies collection and/or the Response's outbound Cookies collection.
public static SetAuthCookie ( System.Web.Security.FormsAuthenticationTicket clientTicket, bool overwriteRequestCookie, bool writeResponseCookie ) : void
clientTicket System.Web.Security.FormsAuthenticationTicket The FormsAuthenticationTicket to encode
overwriteRequestCookie bool Whether or not to replace the cookie in the current Request's Cookies collection. This will trick later executing code on the current HTTP request into processing the updated cookie.
writeResponseCookie bool Whether or not to write the cookie to the browser via the Response's Cookies collection.
return void

ValidateFormsAuthTicketHash() public static method

Calculates the hash of the formsAuthenticationTicket and compares it to the expected hash.
public static ValidateFormsAuthTicketHash ( System.Web.Security.FormsAuthenticationTicket formsAuthenticationTicket, string expectedHash ) : bool
formsAuthenticationTicket System.Web.Security.FormsAuthenticationTicket The formsAuthenticationTicket to hash
expectedHash string The expected hash value
return bool
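
The calculate-then-validate pattern described for CalculateFormsAuthTicketHash and ValidateFormsAuthTicketHash, as an added example that is not SholoWebSecurity's own code. TicketFields, TicketHash and the demo key are hypothetical names and constructed values; the sketch swaps the salted hash for HMAC-SHA256, length-prefixes each field so concatenation is unambiguous, and compares without an early exit.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

// Hypothetical stand-in for the ticket properties that get hashed.
public sealed class TicketFields
{
    public string Name = "", CookiePath = "/", ServerKey = "";  // ServerKey travels in UserData
    public DateTime IssueDateUtc, ExpirationUtc;
    public bool IsPersistent;
}

public static class TicketHash
{
    // Keyed hash over the ticket fields. BinaryWriter length-prefixes each string,
    // so ("ab", "c") and ("a", "bc") can never serialize to the same bytes.
    public static string Calculate(TicketFields t, byte[] key)
    {
        using (var ms = new MemoryStream())
        using (var w = new BinaryWriter(ms, Encoding.UTF8))
        using (var hmac = new HMACSHA256(key))
        {
            w.Write(t.Name); w.Write(t.CookiePath); w.Write(t.ServerKey);
            w.Write(t.IssueDateUtc.Ticks); w.Write(t.ExpirationUtc.Ticks);
            w.Write(t.IsPersistent);
            w.Flush();
            return BitConverter.ToString(hmac.ComputeHash(ms.ToArray())).Replace("-", "");
        }
    }

    // No early exit: timing does not reveal how many leading characters matched.
    public static bool Validate(TicketFields t, byte[] key, string expectedHash)
    {
        string actual = Calculate(t, key);
        if (expectedHash == null || expectedHash.Length != actual.Length) return false;
        int diff = 0;
        for (int i = 0; i < actual.Length; i++) diff |= actual[i] ^ expectedHash[i];
        return diff == 0;
    }

    public static void Main()
    {
        byte[] key = Encoding.UTF8.GetBytes("constructed-demo-key-not-for-production");
        var t = new TicketFields { Name = "alice", ServerKey = "constructed-server-key", IssueDateUtc = new DateTime(2020, 1, 1), ExpirationUtc = new DateTime(2020, 1, 2) };
        string hash = Calculate(t, key);       // hash recorded when the ticket is issued
        t.Name = "admin";                      // field altered after the hash was taken
        Console.WriteLine(Validate(t, key, hash));
    }
}
```

A mismatch here lets the request be rejected before any Provider lookup, which is the "first line of defense" role the class description gives this hash.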

Property Details

GuidStringLength public static property

The expected string length of a GUID
public static int GuidStringLength
return int

HashAlgorithmByteLength public static property

The expected number of bytes of a hash
public static int HashAlgorithmByteLength
return int

HashAlgorithmStringLength public static property

The expected string length of a hash
public static int HashAlgorithmStringLength
return int