AuthManager.IsAuthenticated Method (PIA)
Use this method to determine whether the current user has a valid AuthTicketType ticket. This method also allows the determination of whether the user has been authenticated within a specified period of time.
Imports Microsoft.CommerceServer.Interop … Public Function IsAuthenticated( Optional TimeWindow As Integer ) As Boolean
using Microsoft.CommerceServer.Interop; … bool IsAuthenticated( int TimeWindow );
- An optional Integer that contains a time period in minutes. The default value is 0.
- An int that contains a time period in minutes. For additional information, see the Remarks section.
[Visual Basic .NET] If this method completes successfully, it returns a Boolean that indicates the authentication status of the current user.
[C#] This method returns a Boolean value indicating whether the user is authenticated.
This method may throw one of many mapped exceptions or an exception of type COMException. See Standard COM Errors for additional details.
The following table shows the custom COM errors that this method can return.
|&HC1004C24||This method should only be called within an ASP page.|
|&HC1004C10||The Initialize method must be called with the installed site name before calling this method.|
The following table shows the custom COM errors that a COMException can wrap.
|0xC1004C24||This method should only be called within an ASP page.|
|0xC1004C10||The Initialize method must be called with the installed site name before calling this method.|
An AuthTicketType ticket contains the time the user last logged in and a time window of validity. The ticket is no longer valid if the time since the last login has exceeded the time window specified in the SetAuthTicket method when the ticket was generated.
The time window parameter, TimeWindow, of this method allows checking whether the time since the user last logged in has exceeded a shorter time interval than the time window specified by the SetAuthTicket method. A value of zero (0) is equivalent to setting the time window to the same value as specified in the SetAuthTicket method.
This method returns False if the user does not have an AuthTicketType ticket, the ticket is invalid, or the time since the user last logged in has exceeded the specified time window.
If the ticket is within five minutes of expiring, the last login time is refreshed to the current time, allowing an additional period for the ticket to be valid.
- The expiration timestamp starts when the user initially logs on to the Web site. It does not update on subsequent requests. If your users are experiencing AuthTicket expirations, we recommend that you increase the time window.
If after you increase the time window, and the AuthTicket continues to expire, you can set a new AuthTicket upon each Web page hit. However, you must make sure that the user is already authenticated so you do not issue the user a ticket when they should not have one. If you issue a ticket on every page, you will experience a performance degradation on your Web site.
Ensure a log-off page is created and called for any logged-in user. The log-off page should either expire the AuthTicketType cookie or clear its contents.
Platforms: Windows 2000, Windows Server 2003
Assembly: mscsauthlib (in mscsauthlib.dll)
See AlsoCopyright © 2005 Microsoft Corporation.
All rights reserved.