Cookieless form authentication in VB.NET

Posted in VB.NET | ASP.NET USING VB.NET November 05, 2019
Tags: Asp.net, asp.net tutorial, Asp.net use Cookieless Form authentication, Cookieless Form authentication, Cookieless Form authentication in asp.net
Using cookieless authentication user can be identified by unique token added to page’s URL
  • 2756
 

 Form authentication is used to identify user by a cookie name. When user is authenticated an encrypted cookie is added to the user's browser.  When user move from one page to another page user identity identified by cookies.
 Enable Forms Authentication in web.config file.
Web.Config

 <?xml version="1.0"?>
 <configuration>
     <system.web>
       <authentication mode="Forms"></authentication>
         <compilation debug="false" strict="false" explicit="true" targetFramework="4.0"/>
     </system.web>
 </configuration>
Several configuration options are specific to Form authentication See below figure2.

forms1.gif

Figure 2

Cookieless Forms Authentication

 First question definitely arise in your mind why we need to use Cookieless form authentication. The reason is every user use different browser.  Few browsers do not support cookies or a browser with cookies disabled.

When you use cookieless authentication user can be identified by unique token added to page's URL. When user relates from one page to another page token is passed automatically from one page to another page.

Cookieless attribute can use any of the following four values (also see figure 3):

  1. UseCookies : UseCookies value indicate that always use an form authentication cookie.UseUri :

  2. UseUri value indicate that always never use an authentication cookie.AutoDetect:

  3. AutoDetect automatically find whether a browser supports cookies or not.

  4. UseDeviceProfile: It is default value for cookieless attribute. It finds out that user browser support cookies or not. If browser does not support cookies then cookieless option will be used. Main use of UseDeviceProfile is to determine when to use cookieless authentication.

Web.Config

<?xml version="1.0"?>
 <configuration>
   <system.web>
     <authentication mode="Forms">
       <forms cookieless="AutoDetect">
       </forms>
     </authentication>
     <compilation debug="false" strict="false" explicit="true" targetFramework="4.0" />
   </system.web>
 </configuration>

 

Categories

More Articles

    © 2020 DotNetHeaven. All rights reserved.