posted on Monday, November 08, 2004 2:26 PM by Saravana

Cookieless Forms Authentication in Whidbey

In .Net framework 1.x, cookieless support was there only for sessions. But in whidbey, you can have forms authentication without the support of cookie's. You can enable it in machine.config or web.config similar to cookieless sessions,

<configuration>

            <system.web>

                        <authentication mode="Forms">

                                    <forms name=".MYASPXAuth"

                                                loginUrl="login.aspx"

                                                protection="All"

                                                timeout="30"

                                                defaultUrl="Default.aspx"

                                                cookieless="UseUri"/>

                        </authentication>

            </system.web>

</configuration>

When compared to cookieless property in session element,  cookieless forms authentication property has more options. Following are the various options,

  • UseUri: Authentication tickets will be stored in the URL itself. Similar to session state cookieless option.
  • UseCookies: Default option, will use cookies for forms authentication.
  • AutoDetect: It will automatically detect whether browser support cookies or not
  • UserDeviceProfile:Chooses to use cookies or not based on the device profile settings in machine.config

Comments