Share via


AuthManager Class (BCL)

Use this object to perform user identification and authentication and to manage user security information.

System.Object
   Microsoft.CommerceServer.Runtime.AuthManager
      Microsoft.CommerceServer.Runtime.AuthenticationInfo

Public Instance Constructor

Constructor Description
AuthManager Constructor(String, DebugContext) Creates a new instance of the AuthManager class.

 

Public Instance Methods

Method Description
Dispose Releases resources used by this object.
GenerateEncryptionKey Generates an encryption key for encrypting/decrypting cookie and query string data for tickets.
GetUserIDFromCookie(String) Retrieves the user ID from a specified cookie.
GetUserIDFromCookieAndKey(String, String) Retrieves the user ID from a specified cookie using an encryption key.
IsAuthenticated Determines whether the current user has a valid MSCSAuth ticket. Determines if the user was authenticated within the default time window of 90 minutes.
IsAuthenticated(Int32) Determines whether the current user has a valid MSCSAuth ticket. Determines if the user was authenticated within the given time window.
Refresh(String) Updates the cached site configuration resource properties after any of the properties have been changed.
SetAuthTicket(String, Boolean) Sets an encrypted MSCSAuth ticket for a registered user with the default time window of 90 minutes.
SetAuthTicket(String, Boolean, Int32) Sets an encrypted MSCSAuth ticket for a registered user.
SetProfileTicket(String, Boolean) Sets an MSCSProfile ticket for an anonymous user.

Public Instance Properties

Property Description
AuthTicket Retrieves the AuthTicket property.
ProfileTicket Retrieves the ProfileTicket property.

 

Protected Instance Methods

Method Description
CheckState Verifies that the object has not already been disposed.
Dispose(Boolean) Releases the unmanaged resources used by this class and optionally releases the managed resources.

 

Remarks

The methods GetUserIDFromCookie(String), GetUserIDFromCookieAndKey(String, String) and GenerateEncryptionKey, facilitate rolling key encryption functionality. For more information about this feature, see Rolling Key Encryption.

Any operation that requires decryption of the ticket will fail if you change the encryption key. One important instance of this behavior is with profile tickets, because they are persisted on the client computer. Hence when a user with a persisted profile ticket that was encrypted with the old key comes back to the site, the AuthManager is not be able to decrypt this ticket. For more information about this issue, see Rolling Key Encryption.

Requirements

Namespace: Microsoft.CommerceServer.Runtime

Platforms: Windows 2000, Windows Server 2003

Assembly: Microsoft.CommerceServer.Runtime.dll

Copyright © 2005 Microsoft Corporation.
All rights reserved.