Cookieless form authentication in VB.NET

Using cookieless authentication user can be identified by unique token added to page’s URL
  • 2518
Download Files:
 

 Form authentication is used to identify user by a cookie name. When user is authenticated an encrypted cookie is added to the user's browser.  When user move from one page to another page user identity identified by cookies.

 Enable Forms Authentication in web.config file.

Web.Config

 
<?xml version="1.0"?>
 <
configuration>
     <
system.web>
       <
authentication mode="Forms"></authentication>
         <
compilation debug="false" strict="false" explicit="true" targetFramework="4.0"/>
     </
system.web>
 </
configuration>

Several configuration options are specific to Form authentication See below figure2.

forms1.gif

Figure 2

Cookieless Forms Authentication

First question definitely arise in your mind why we need to use Cookieless form authentication. The reason is every user use different browser.  Few browsers do not support cookies or a browser with cookies disabled.

When you use cookieless authentication user can be identified by unique token added to page's URL. When user relates from one page to another page token is passed automatically from one page to another page.

Cookieless attribute can use any of the following four values (also see figure 3):

  1. UseCookies : UseCookies value indicate that always use an form authentication cookie.UseUri :

  2. UseUri value indicate that always never use an authentication cookie.AutoDetect:

  3. AutoDetect automatically find whether a browser supports cookies or not.

  4. UseDeviceProfile: It is default value for cookieless attribute. It finds out that user browser support cookies or not. If browser does not support cookies then cookieless option will be used. Main use of UseDeviceProfile is to determine when to use cookieless authentication.

Web.Config

<?xml version="1.0"?>
 <
configuration>
   <
system.web>
     <
authentication mode="Forms">
       <
forms cookieless="AutoDetect">
       </
forms>
     </
authentication>
     <
compilation debug="false" strict="false" explicit="true" targetFramework="4.0" />
   </
system.web>
 </
configuration>

 

Categories

More Articles

© 2019 DotNetHeaven. All rights reserved.