FormsAuthentication with custom encryption key

Question

FormsAuthentication with custom encryption key

Is there a way not to use <machineKey> and instead provide your own key at runtime. Trying to find a way to read a key from an SQL database or any centralized repository and somehow provide its FormsAuthentication.

+4

asp.net forms-authentication

Cosmin onea Nov 11 '09 at 20:56

source share

3 answers

You can put the machineKey section in web.config for your application. Is that what you mean?

+1

Jarrett meyer Nov 11 '09 at 21:00

source share

You can hook into the HttpApplication.Authenticate event in your global.asax and create your own authentication module that can use any key you need. Take a look at the AuthenticationModule Monoformats for an example of how FormsAuthenticationTicket et al. Are used to handle cookie lifetimes.

+1

Gonzalo Nov 11 '09 at 21:06

source share

Cosmin onea · Accepted Answer · 2009-11-20T00:30:47+0000

It seems impossible. I switched to the Windows Identity Foundation.

FormsAuthentication with custom encryption key

More articles: