Forms authentication mode

Well, after talking about the membership for so long, the forms authentication mode is only available here,

It's a shame, but you can review the froms mechanism here,

By the way, let's test what the cookie in froms Authentication mode is like,

First,

To use forms authentication, you must enable Forms authentication. There are many ways to enable it,

It can be enabled through IIS,

You can enable it through web. config configuration,

You can also enable it through ASP. NET Website management tools,

After the forms authentication mode is enabled, the following configuration will be generated in Web. config,

Explicitly specifying the Authentication mode as forms,

After so long, what is forms authentication mode?

I think everyone has logged on to such a website,

There will always be a checkbox to let the website remember your efficacy, that is, you only need to log on once,

In the future, you can stop logging on. In fact, this is the forms mechanism. What exactly is it,

How does this website know that you have successfully logged on? How can it identify you?

In fact, this is implemented through cookies. When you check "remember me" and log on successfully,

It automatically creates a cookie on your machine, which stores your authentication information,

This is also because you only need to log on once and do not need to log on later,

Now let's take a look at what this cookie is like,

First look at Demo _ 8. aspx

This demo _ 8. aspx has almost no content and is only used for testing,

Code-behind

I started running demo _ 8. aspx, because the user has not been verified,

Therefore, the loginurl page defined in Web. config is displayed,

Then I log on with the username Xiaozhen and check "remember me"

Apparently, the logon is successful,

Now

C: \ Users \ Xiaozhen \ appdata \ roaming \ Microsoft \ Windows \ cookies

(My system is win7, and the path of XP will be different,

However, you can search for the cookie folder)

A cookie is created under this path.

Now, based on the Creation Time, we can determine that this cookie was created when we logged on,

Open it.

I don't know what it is (because it is encrypted)

Since a cookie is created, do I have to log on to this website again?

You can test it.

The test result is that I directly run demo _ 8. aspx,

You can directly go to demo _ 8. aspx,

Instead of logging on to login. aspx as in the beginning.

This demo is purely used for testing and has no major effect,

Haha.

2010-2-06