AuthManager.IsAuthenticated
Use this method to determine whether the current user has a valid MSCSAuth ticket. This method also allows the determination of whether the user has been authenticated within a specified period of time.
Definition
Function IsAuthenticated(OptionalTimeWindow As Long) As Boolean
Parameters
TimeWindow
[in, optional, defaultvalue (0)] A Long that contains a time period in minutes.
Return Values
If this method completes successfully, it returns a Boolean that indicates the authentication status of the current user.
Error Values
This method sets the Number property of the global Err object to S_OK (&H00000000) to indicate success and to either standard or custom COM error values to indicate failure. For more information about standard COM errors, see Standard COM Errors.
The following table shows the custom COM errors that this method can return.
Constant | Value | Description |
E_UPM_AUTHMANAGER_API_ASP_ONLY | &HC1004C24 | This method should only be called within an ASP page. |
MSG_UPM_AUTH_SITE_NEEDED_ERROR | &HC1004C10 | The Initialize method must be called with the installed site name before calling this method. |
Additional information may be available using the global Err object. In particular, the Description property may contain a text description of the error.
Remarks
A MSCSAuth ticket contains the time the user last logged in and a time window of validity. The ticket is no longer valid if the time since the last login has exceeded the time window specified in the SetAuthTicket method when the ticket was generated.
The optional time window parameter, TimeWindow, of this method allows checking whether the time since the user last logged in has exceeded a shorter time interval than the time window specified by the SetAuthTicket method. The default value of zero (0) is equivalent to setting the time window to the same value as specified in the SetAuthTicket method.
This method returns False if the user does not have an MSCSAuth ticket, the ticket is invalid, or the time since the user last logged in has exceeded the specified time window.
If the ticket is within five minutes of expiring, the last login time is refreshed to the current time, allowing an additional period for the ticket to be valid.
Ensure a log-off page is created and called for any logged-in user. The log-off page should either expire the MSCSAuth cookie or clear its contents.
For more information about memory ownership issues related to COM property and method parameters, see Managing COM Parameter Memory.