What is Thread Safe Collection?

People use to said that writing a collection which is mutable, thread safe and usable is an extremely difficult process. Since the .NET 4 introduce the system.collection.concurrent namespace, multiple threads can safely and efficiently add or remove items from these collection without requiring additional synchronization in user code. When you write new code, use the concurrent collection classes whenever the collection will be writing to multiple threads concurrently and in this article I’ll going to show you about thread safe collection in Concurent Queue.

Concurent in .Net

Concurrent collections in .NET work very much like their single-thread counterparts with the difference that they are thread safe. These collections can be used in scenarios where you need to share a collection between Tasks. They are typed and use a lightweight synchronisation mechanism to ensure that they are safe and fast to use in parallel programming.

Concurrent queues

The Queue of T generic collection has a thread-safe counterpart called ConcurrentQueue. Important methods:

1. Enqueue(T element): adds an item of type T to the collection
2. TryPeek(out T): tries to retrieve the next element from the collection without removing it. The value is set to the out parameter if the method succeeds. Otherwise it returns false.
3. TryDequeue(out T): tries to get the first element. It removes the item from the collection and sets the out parameter to the retrieved element. Otherwise the method returns false

The ‘try’ bit in the method names implies that your code needs to prepare for the event where the element could not be retrieved. If multiple threads retrieve elements from the same queue you cannot be sure what’s in there when a specific thread tries to read from it.

Example

Declare and fill a concurrent queue:

ConcurrentQueue<int> concurrentQueue = new ConcurrentQueue<int>(); 
for (int i = 0; i < 5000; i++)
{
    concurrentQueue.Enqueue(i);
}
We’ll want to get the items from this collection and check if all of them have been retrieved using a counter. The counter will also be shared among the threads using the ‘lock’ technique we saw in this post – or actually something that is similar to the ‘lock’ keyword: the Interlocked class. Interlocked has an Increment method which accepts a ref int parameter. It will increment the incoming integer in an atomic operation.

int itemCount = 0;
Task[] queueTasks = new Task[20];

for (int i = 0; i < queueTasks.Length; i++)
{
    queueTasks[i] = Task.Factory.StartNew(() =>
    {
        while (concurrentQueue.Count > 0)
        {
            int currentElement;
            bool success = concurrentQueue.TryDequeue(out currentElement);
            if (success)
            {
                Interlocked.Increment(ref itemCount);
           }
        }
    });
}

The while loop will ensure that we’ll try to de-queue the items as long as there’s something left in the collection.
Wait for the tasks and print the number of items processed – the counter should have the same value as the number of items in the queue:

Task.WaitAll(queueTasks);
Console.WriteLine("Counter: {0}", itemCount);

This Article will tell you how to faster loading of your ASP Pages and make the performance better, If you read the internet and all of the websites dedicated to Asp.Net you will inevitably read about the wonders of the DataGrid, DataList, and Repeater controls. While each of these has its place, if you are only displaying data there is a much faster and more efficient means to do so. Let's say you have a page that displays articles based on a query string. A normal asp page execution procedure goes like this. The code queries the database based on the Article I.D. and then brings back that information to the page where you display it in the fashion that you would like. This is a fairly straight forward approach with asp and is done all the time.

Check The Easy Step Below!

Use Asp.Net Caching

This is a no-brainer, and I won't go into the brilliance or details of asp.net caching here because at the time of this writing Google has 2,780,000 articles on the topic. Basically instead of querying the database each time the page is loaded you only query the database once and load that result into the system cache. Subsequent calls to load the page retrieve the data from the cache as opposed to the database which gives you an instant and considerable performance boost. You can then set the cache for how long the cache should store the information as well as many other features. If you are not using the cache, you should be whenever possible!

If possible, do NOT use the standard Asp.Net controls.

That's right. The standard asp.net controls are designed for rapid development and not page performance. They allow you to design pages that grab and display data very quickly but their actual performance suffers because of the extra overhead which is there for ease and speed of development time and not page execution speed.

Instead, create either a User Control or even better yet a Web Custom Control which is by far the fastest performance wise and really quite easy to create and use.

Use an SqlDataReader or even better yet use a set based command for Sql Server data retrieval and simply execute that one command against the database.

An asp.net SqlDataReader is a fast forward only datareader that closes the connection after it reads the last set of results. Now for my article pages we are only returning 1 particular result. In this case we would opt for the set based command. If you had more than 1 result returned, in your table of contents for instance, you would use the SqlDataReader because you are returning multiple sets of results.

Set based commands are stored procedures that bring back data through parameters as opposed to a result set which then in turn needs to be looped through to obtain your data. So instead of writing your stored procedure like the following which brings back 1 result set:

Select Title, Body, Author
From Articles
Where ArtID = 215

We can write it using a set based command like this.

Create Procedure mysp_GetArticle

@Title varchar(200) Output,
@Body varchar(8000) Output,
@Author varchar(500) Output

As

Select @Title = Title, @Body = Body, @Author = Author
From Articles
Where ArtID = 215

GO
The above query will return only the three parameters called for and not a result or record set so you
don't have to then walk through the returned record set that has only 1 result in it anyway. This second
little process of work decreases your performance so you should avoid it whenever possible. Combine
this technique with the asp.net cache

Use Classes and ArrayLists as opposed to returning an SqlDataReader.

Create a class and then if there are more than one set of results store those results into individual instantiations of that class. Finally store each of those classes into an ArrayList. You can then store only that ArrayList into the asp.net cache. So instead of getting the results back from a SqlDataReader when loading your page you get them from the ArrayList which is stored in the cache.

On the first time the page loads, query the database and return all of your data storing it into individual classes. Then store each of those classes into an ArrayList. If you only have one single result you may store only the class into the cache. Then take your ArrayList and store it into the cache.

Next create a Web Custom Control and pass the cached ArrayList to the custom control and loop out your data using the HtmlTextWriter which is very fast. Remember each subsequent call to load the page will be called from the cache which stores your ArraList of classes or your single class.

Certainly it takes a significant amount of additional coding to do it in this fashion, especially when you take proper error handling into consideration, but if you follow this approach your pages will be screeching fast, you will immediately notice the difference, and your asp.net pages will execute in the proper sequence - Data handling in the Page_Load function and the html display in the Page_Render function.

This is only simple tutorial how to count number of visitors to a website in asp.net using C#. Just only brief description and hope you enjoy this tutorial

1. First thing to do is open Global.asax file and write the code as shown below

void Application_Start(object sender, EventArgs e)
{
Application["VisitorCount"] = 0;
}

void Session_Start(object sender, EventArgs e)
{
Application["VisitorCount"] = (int)Application["VisitorCount"] + 1;
} 

void Session_End(object sender, EventArgs e)
{
Application["VisitorCount"] = (int)Application["VisitorCount"] - 1;
}

2. Now open your aspx page in which you want to show the count and write the following code.

<div>
<asp:Label ID="lbl_Count" runat="server" ForeColor="Red" /> 

</div>

3. You’ll see the below code in the cs file on page load event

protected void Page_Load(object sender, EventArgs e)
{
lbl_Count.Text = Application["VisitorCount"].ToString();
}

Good luck and hope this tutorial help

ASP.NET 4.5 offer many great feature. Previously, we have discussed about one of new feature on ASP.NET 4.5, Key HTML Editor Features in ASP.NET 4.5. In today post, we will discuss about how to use ListView Control in ASP.NET 4.5

ASP.NET ListView Control has a great features that GridView and Repeater controls had control over the markup. The ListView Control allows you to display the data in various formats including grid format, bulleted list format and in flow format.

How to Insert and Delete Data with the ListView Control

OK, let’s get started

1. Drag the ListView control from data category of the toolbox to default.aspx page and choose the datasource for the control as shown below

2. Configure ListView option from ListViewControl smart tags as shown below

Provide the template information by selecting the desired template and also it allows you to select style for control. It also allows you to enable operations such as inserting and updating.

3. Add some custom styling to the control by adding a class as shown below

<LayoutTemplate>
            <ul id="itemPlaceholderContainer" runat="server" class="ItemStyle">
                <li runat="server" id="itemPlaceholder" />
            </ul>
</LayoutTemplate>

4. Remove the Id columns from ItemTemplate as these mark-ups generated automatically when you configure the control and columns. Repeat the same for InsertItemTemplate.

5. Add the custom styles to item containers as below

.ItemStyle
{
  width: 800px;
  list-style-type:none;
  clear:both;
}

.ItemStyle li
{
  height: 300px;
 width:250px;
 float:left;
}
.ItemStyle li img
{
 width:180px;
margin: 10px 20px 10px 0;
}

6. Run your application and you’ll see the result

Hosting Your ASP.NET 4.5 Site with HostForLIFE.eu

If you need/looking for cheap and reliable ASP.NET 4.5 hosting with European server, you can rely on us. We have support the latest ASP.NET 4.5 on our shared hosting environment. You can always start from only €1.29/month to test drive your new ASP.NET 4.5 application. Why wait longer??

Sometimes, we will get requirements where we need to zip the files at runtime before sending it to the client side. For example, if our ASP.NET 4.5.2 application allows users to download multiple files at a time it will be better if we can zip it as a single file and make it available in a single download instead of downloading them individually. Doing this will give performance benefits and better user experience. Today, I wanted a simple way to create a backup of my posts, without resorting to FTP.  My solution is to create a URL that allows me to download the entire posts folder as a zip archive. To do the zipping, I used DotNetZip which is available as a nuget package and has a nice clean API.

Then in the Razor view (e.g. export.cshtml), the following code can be used to create a zip archive:
@using Ionic.Zip
@{
    Response.Clear();
    Response.BufferOutput = false; // for large files
    System.Web.HttpContext c= System.Web.HttpContext.Current;
    string archiveName= String.Format("archive-{0}.zip",
            DateTime.Now.ToString("yyyy-MMM-dd-HHmmss"));
    Response.ContentType = "application/zip";
    Response.AddHeader("content-disposition", <br>             "filename=" + archiveName);
    var postsFolder = Server.MapPath("~/posts");
    using (ZipFile zip = new ZipFile())
    {
        zip.AddDirectory(postsFolder);
        zip.AddEntry("Readme.txt",
            String.Format("Archive created on {0}", DateTime.Now);
        zip.Save(Response.OutputStream);
    }
    Response.Close();   
}
It’s very straightforward, and I have also shown adding your own custom readme.txt from a string. If you’d rather add each file manually, just provide an enumeration of files to add to zip.AddFiles.

Finally, it would probably not be a great idea to let anyone call this, so you can protect it with a simple call to IsAuthenticated:
if (User.Identity.IsAuthenticated)

HostForLIFE.eu, a leading Windows web hosting provider with innovative technology solutions and a dedicated professional services team proudly announces New Data Center in London (UK) and Seattle (US) for all costumers. HostForLIFE’s new data center in London and Seattle will address strong demand from customers for excellent data center services in Europe and United States, as data consumption and hosting services experience continued growth in the global IT markets.

The new facility will provide customers and their end users with HostForLIFE.eu.com services that meet in-country data residency requirements. It will also complement the existing HostForLIFE.eu. The London and Seattle data center will offer the full range of HostForLIFE.eu.com web hosting infrastructure services, including bare metal servers, virtual servers, storage and networking.

"Our expansion into London and Seattle gives us a stronger European and American market presence as well as added proximity and access to our growing customer base in region. HostForLIFE.eu has been a leader in the dedicated Windows & ASP.NET Hosting industry for a number of years now and we are looking forward to bringing our level of service and reliability to the Windows market at an affordable price,” said Kevin Joseph, manager of HostForLIFE.eu, quoted in the company's press release.

The new data center will allow customers to replicate or integrate data between London and Seattle data centers with high transfer speeds and unmetered bandwidth (at no charge) between facilities. London and Seattle, itself, is a major center of business with a third of the world’s largest companies headquartered there, but it also boasts a large community of emerging technology startups, incubators, and entrepreneurs.

For more information about new data center in London and Seattle, please visit http://www.HostForLIFE.eu

About Company
HostForLIFE.eu is European Windows Hosting Provider which focuses on Windows Platform only. We deliver on-demand hosting solutions including Shared hosting, Reseller Hosting, Cloud Hosting, Dedicated Servers, and IT as a Service for companies of all sizes.

Hello, in this post, I will describe short tutorial about how to solve The specified string is not in the form required for an e-mail address. I found many people find this error on forums. Here is the error message:

As you can see above, that is the error message that you might find. So, what’s the problem?

OK, the problem in this case is not from the page itself, but it comes from your web.config file. This configuration file has a <system.net /> element that enables you to store information about the mail server and the from account. I will give you 2 examples below how it will crash your page:

<system.net>
  <mailSettings>
    <smtp from="you.yourprovider.com">
      <network host="smtp.yourprovider.com"/>
    </smtp>
  </mailSettings>
</system.net>

Please see the missing @ symbol in the mail address. And other error may come from incorrect encoded angled brackets, see this:

<system.net>
  <mailSettings>
    <smtp from="Your Name &lt;[email protected]">
      <network host="smtp.yourprovider.com"/>
    </smtp>
  </mailSettings>
</system.net>

This from attributes has an opening < character (encoded as &lt;) but lacks the closing > bracket. To avoid the error, make sure the e-mail address in the from attribute has a valid syntax and uses the right angled brackets (if you use both a name and an e-mail address) like this:

<system.net>
  <mailSettings>
    <smtp from="Your Name &lt;[email protected]&gt;">
      <network host="smtp.yourprovider.com"/>
    </smtp>
  </mailSettings>
</system.net>

If you are curious why your code crashed, then you can use Reflector and take a look in the class’s constructor code:

public MailMessage()
{
  this.body = string.Empty;
  this.message = new Message();
  if (Logging.On)
  {
    Logging.Associate(Logging.Web, this, this.message);
  }
  string from = SmtpClient.MailConfiguration.Smtp.From;
  if ((from != null) && (from.Length > 0))
  {
    this.message.From = new MailAddress(from);
  }
}

Here you can see that the code uses the (internal and static) MailConfiguration property of the SmtpClient class that in turn provides access to the From name and address. This name and address value is then passed into the constructor of the MailAddress class which performs the actual validation using its private ParseValue method.

Choosing Best ASP.NET Hosting with HostForLIFE.eu

We know that it is quite hard to find good asp.net hosting in Europe. Why you need to choose us to be your hosting partner?

HostForLIFE.eu is awarded Top No#1 SPOTLIGHT Recommended Hosting Partner by Microsoft (see www.microsoft.com/web/hosting/HostingProvider/Details/953). Our service is ranked the highest top #1 spot in several European countries, such as: Germany, Italy, Netherlands, France, Belgium, United Kingdom, Sweden, Finland, Switzerland and other European countries.

Today, I want to explain how to use Chart in ASP.NET 4.5.2, in Data Section. When you want to display your data with graphic and chart, you can use Chart. The Chart can render an image that displays data in a variety of chart types. Chart can render more than 30 types of charts, including all the types of charts that you might be familiar with from Microsoft Excel or other tools (area charts, bar charts, column charts, line charts, and pie charts, along with more specialized charts like stock charts).

And here is the Table Design.

And Here is the Code

<body>
    <form id="form1" runat="server">
        <div>
       <asp:Chart ID="Chart1" runat="server" BorderlineWidth="0" Width="550px">
        <Series>
        <asp:Series Name="Series1" XValueMember="Year" YValueMembers="Jan" LegendText="Jan"   IsValueShownAsLabel="false" ChartArea="ChartArea1" MarkerBorderColor="#DBDBDB"></asp:Series>
        <asp:Series Name="Series2" XValueMember="Year" YValueMembers="Feb" LegendText="Feb" IsValueShownAsLabel="false" ChartArea="ChartArea1" MarkerBorderColor="#DBDBDB"></asp:Series>
         <asp:Series Name="Series3" XValueMember="Year" YValueMembers="March" LegendText="March" IsValueShownAsLabel="false" ChartArea="ChartArea1" MarkerBorderColor="#DBDBDB"></asp:Series>
         <asp:Series Name="Series4" XValueMember="Year" YValueMembers="April" LegendText="April" IsValueShownAsLabel="false" ChartArea="ChartArea1" MarkerBorderColor="#DBDBDB"></asp:Series>
          <asp:Series Name="Series5" XValueMember="Year" YValueMembers="May" LegendText="May" IsValueShownAsLabel="false" ChartArea="ChartArea1" MarkerBorderColor="#DBDBDB"></asp:Series>        
  </Series>
            <Legends>
            <asp:Legend Title="Month"></asp:Legend>
                </Legends>
                <Titles>
                    <asp:Title Docking="Bottom" Text="Percentage"></asp:Title>
                </Titles>
                <ChartAreas>
                    <asp:ChartArea Name="ChartArea1"></asp:ChartArea>
               </ChartAreas>
            </asp:Chart>
        </div>
    </form>
</body>

Aspx.Cs coding
SqlConnection con = new SqlConnection("Your Connection String");
    protected void Page_Load(object sender, EventArgs e)
    {
        if (!IsPostBack)
        {
            FetchReportData();
        }
    }  
public void FetchReportData()
    {
        SqlCommand cmd = new SqlCommand("select * from Percentage",con);
        SqlDataAdapter da = new SqlDataAdapter(cmd);
        DataSet ds = new DataSet();
        da.Fill(ds);              
        Chart1.DataSource = ds;       
        Chart1.DataBind();  

}

ASP.NET is a powerful programming interface and server side scripting application based on the Windows operating system. In this article We would like to share about how to select the suitable ASP.NET 4.5.2 Hosting plan in United Arab Emirates.

On choosing the ASP.NET web hosting providers, it recommended to search for a hosting provider that offers the latest hosting technology. ASP.NET 4.5.2 hosting normally comes with a Plesk control panel so that you are able to manage the ASP.NET websites and applications that you have under your web hosting account with ease from a web based control panel.  You can use Plesk to setup and configure Microsoft SQL Server 2012/2014 databases in your hosting account as well as to set permissions on any files that you have hosted on ASP.NET 4.5.2 hosting account.

A good ASP.NET hosting provider will offer complete hosting package that provides database server software, scripting software, web content management system and reliable support for you whenever you facing any hosting issues.

Windows & ASP.NET 4.5.2 Hosting in United Arab Emirates ensure that the websites are functioning well without any problems. Web hosting company provides efficient services for problem solving and updating of websites. We also make available the maximum space on the server so that you can host multiple websites on the server at the same time without paying anything extra.

Why do you choose HostForLIFE.eu as ASP.NET Hosting Solution in United Arab Emirates ?

HostForLIFE.eu stands out as one of the best shared hosting accounts on the Windows and ASP.NET Hosting with as low as €3.00  per/month you can host unlimited websites and unlimited space on our shared hosting account. Here is the following features on HostForLIFE.eu’s ASP.NET Hosting plan:

• Unlimited Domain, Unlimited Diskspace and Unlimited Bandwidth
• Windows Server 2008 and Windows Server 2012
• ASP.NET Classic, ASP.NET 1.1, ASP.NET  2.0, 3.5, 4.0, 4.5, 4.5.1, 4.5.2 support
• ASP.NET Ajax support
• ASP.NET MVC 2.0 – MVC 5.2 support
• SQL Server 2008, 2012, and SQL Server 2014 support
• Plesk Control Panel
• Full Trust & Dedicated Pool
• PHP 5.5 Support
• Ultra Fast Server
• 24/7 Antivirus Scanning and 24/7 Windows Firewall Scanning

One unique feature apart HostForLIFE is our customer care service. With personnel ready to chat with you no matter the time, it is a big advantage over our competitors. Our quick response to your questions and concerns also makes them the best on the market. With our 24/7/365 days support team in place, you will know you are getting the best value for your money. We also have an easy to use website to help you make the right choice of web hosting package so you can experience an equally easy web hosting process.

You have a 30 days money back guarantee policy from HostForLIFE.eu. You get the chance to try our services for the 30 days period and if not satisfied, you will have your money back with no questions asked.

When you talk about authentication in ASP.NET you will most undoubtedly hear the mention of the MembershipProvider. I'm here to tell you not to go down that road. That road will only lead to tears and suffering. This post will help you understand and implement your ASP.NET authentication built on top of FormsAuthentication. I hope you take away that building this stuff is not hard as long as you don't try to over think it.

Before I show you how to implement a kick-butt authentication system, I'll show you the simplest solution you could build.

FormsAuthentication.SetAuthCookie(user.Id, createPersistentCookie: true);

Congratulations you are now officially signed into your ASP.NET application using forms authentication. Notice I don't have any SQL migrations, crazy classes, or any other crap you didn't ask for.

The code above writes a cookie to the response of the current HttpContext. On the user's next request that cookie will be passed back to the server and used to check whether they are authenticated or not.

Password Hasher

Hashing passwords is really easy with .NET. The trick is to generate a salt with every password. The idea of the salt is not to be a secret, but to be unique every time. This makes it difficult for hackers to process all your passwords in the case your system is compromised. This is my standard password hasher:

public static class PasswordHasher {
    private const int SaltSize = 64;

    public static Passphrase Hash(string password) {
        if (password == null) throw new ArgumentNullException("password");

        byte[] passwordBytes = Encoding.Unicode.GetBytes(password);
        byte[] saltBytes = CreateRandomSalt();
        string hashedPassword = ComputeHash(passwordBytes, saltBytes);

        return new Passphrase {
            Hash = hashedPassword,
            // Convert salt from byte[] to string
            Salt = Convert.ToBase64String(saltBytes)
        };
    }

    public static bool Equals(string password, string salt, string hash) {
        return String.CompareOrdinal(hash, Hash(password, salt)) == 0;
    }

    public static string GenerateRandomSalt(int size = SaltSize) {
        return Convert.ToBase64String(CreateRandomSalt(size));
    }

    private static string ComputeHash(byte[] password, byte[] salt) {
        var passwordAndSalt = new byte[salt.Length + password.Length];

        Buffer.BlockCopy(salt, 0, passwordAndSalt, 0, salt.Length);
        Buffer.BlockCopy(password, 0, passwordAndSalt, salt.Length, password.Length);
        byte[] computedHash;
        using (HashAlgorithm algorithm = new SHA256Managed()) {
            computedHash = algorithm.ComputeHash(passwordAndSalt);
        }
        return Convert.ToBase64String(computedHash);
    }

    private static string Hash(string password, string salt) {
        return ComputeHash(Encoding.Unicode.GetBytes(password), Convert.FromBase64String(salt));
    }

    private static byte[] CreateRandomSalt(int size = SaltSize) {
        if (size <= 0)
            throw new ArgumentException("size must be greater than zero.");

        var saltBytes = new Byte[size];
        using (var rng = new RNGCryptoServiceProvider()) {
            rng.GetBytes(saltBytes);
        }
        return saltBytes;
    }
}

public class Passphrase {
    public string Hash { get; set; }
    public string Salt { get; set; }
}

Principal and Identity

The IPrincipal and IIdentity interfaces are crucial to authentication in .NET. If you have ever used HttpContext, WebForms, or ASP.NET MVC then you are using derivations of these interfaces. It usually comes in the guise of a User property. You don't have to implement these classes, you can always use the GenericPrincipal and GenericIdentity. I like to implement them myself, because it allows me to pass a bit more useful data around in the cookie (remember cookies have size limits).

Let's first look at the IPrinicipal implementation:

public class MuchoPrincipal : IPrincipal {
    private readonly MuchoIdentity _identity;

    public MuchoPrincipal(MuchoIdentity identity) {
        _identity = identity;
    }

    #region IPrincipal Members

    public bool IsInRole(string role) {
        return
            _identity.Roles.Any(
                current => string.Compare(current, role, StringComparison.InvariantCultureIgnoreCase) == 0);
    }

    public IIdentity Identity {
        get { return _identity; }
    }

    public MuchoIdentity Information {
        get { return _identity; }
    }

    public bool IsUser {
        get { return !IsGuest; }
    }

    public bool IsGuest {
        get { return IsInRole("guest"); }
    }

    #endregion
}

Next up is the IIdentity, just take a look:

public class MuchoIdentity : IIdentity {
    public MuchoIdentity(FormsAuthenticationTicket ticket) {
        if (ticket == null) {
            Name = "Guest";
            Roles = new List<string> { "guest" };
            return;
        }

        var data = JsonConvert.DeserializeObject<MuchoCookie>(ticket.UserData);

        if (data == null) {
            AsGuest();
            return;
        }

        Id = data.Id;
        FirstName = data.FirstName;
        LastName = data.LastName;
        Name = string.IsNullOrWhiteSpace(FirstName) || string.IsNullOrWhiteSpace(LastName)
                   ? data.Email
                   : "{0} {1}".With(FirstName, LastName);
        Email = data.Email;
        Roles = data.Roles ?? new List<string> { "user" };
        RememberMe = data.RememberMe;

        try {
            TimeZone = TimeZoneInfo.FindSystemTimeZoneById(data.TimeZone);
        } catch (Exception) {
            TimeZone = TimeZoneInfo.Utc;
        }
    }

    public MuchoIdentity(User user) {
        if (user == null) {
            AsGuest();
            return;
        }

        Id = user.Id;
        Email = user.Email;
        FirstName = user.FirstName;
        LastName = user.LastName;
        Name = string.IsNullOrWhiteSpace(FirstName) || string.IsNullOrWhiteSpace(LastName)
                   ? user.Email
                   : "{0} {1}".With(FirstName, LastName);

        try {
            TimeZone = TimeZoneInfo.FindSystemTimeZoneById(user.TimeZone);
        } catch (Exception) {
            TimeZone = TimeZoneInfo.Utc;
        }
        Roles = new List<string> { user.Role ?? "user" };
    }

    private void AsGuest() {
        Name = "Guest";
        Roles = new List<string> { "guest" };
    }

    public int Id { get; set; }
    public string Email { get; set; }
    public string FirstName { get; set; }
    public string LastName { get; set; }
    public TimeZoneInfo TimeZone { get; set; }
    public bool RememberMe { get; set; }
    public IList<string> Roles { get; set; }

    #region IIdentity Members

    public string AuthenticationType {
        get { return "MuchoForms"; }
    }

    public bool IsAuthenticated {
        get { return !( Id == 0 || string.IsNullOrWhiteSpace(Email)); }
    }

    public string Name { get; protected set;

    #endregion
}

C is for Cookie

The cookie object is really just a data transfer object. Nothing really mind blowing here. I usually create a structure to store my useful information. Again, keep in mind the size limitations of a cookie which is about 4kb (4096 bytes).

public class MuchoCookie {
    public MuchoCookie() {
        Roles = new List<string>();
    }

    public int Id { get; set; }
    public string Email { get; set; }
    public string FirstName { get; set; }
    public string LastName { get; set; }
    public string TimeZone { get; set; }
    public List<string> Roles { get; set; }
    public bool RememberMe { get; set; }
}

FormsAuthenticationService

FormsAuthentication is built right into ASP.NET, but I like to write a littler wrapper around it so I can test and inject it into other classes. Also I create the cookie from the previous section when a user successfully signs in.

public class FormsAuthenticationService : IFormsAuthenticationService {
    private readonly HttpContextBase _httpContext;

    public FormsAuthenticationService(HttpContextBase httpContext) {
        _httpContext = httpContext;
    }

    #region IFormsAuthenticationService Members

    public void SignIn(User user, bool createPersistentCookie) {
        if (user == null)
            throw new ArgumentNullException("user");

        var cookie = new MuchoCookie {
            Id = user.Id,
            Email = user.Email,
            FirstName = user.FirstName,
            LastName = user.LastName,
            RememberMe = createPersistentCookie,
            TimeZone = user.TimeZone,
            Roles = new List<string> { user.Role ?? "user" }
        };

        string userData = JsonConvert.SerializeObject(cookie);
        var ticket = new FormsAuthenticationTicket(1, cookie.Email, DateTime.Now,
                                                   DateTime.Now.Add(FormsAuthentication.Timeout),
                                                   createPersistentCookie, userData);
        string encTicket = FormsAuthentication.Encrypt(ticket);
        var httpCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket) { Expires = DateTime.Now.Add(FormsAuthentication.Timeout) };

        _httpContext.Response.Cookies.Add(httpCookie);
    }

    public void SignOut() {
        // Not worth covering, has been tested by Microsoft
        FormsAuthentication.SignOut();
    }

    #endregion
}

Notice the SignIn method creates the cookie and just writes it to the response using FormsAuthentication. We are leveraging what ASP.NET gives us. There is no reason to reinvent the wheel when it comes to passing secure cookies to the client.

PrincipalService

The principal service helps us get the information out of a cookie and rehydrate our IPrinipal and our IIdentity to our custom implementations. The other added benefit is we can actually set the User property to a Guest principal with extra information if we need it.

public class MuchoSupportPrincipalService : IPrincipalService {
    private readonly HttpContextBase _context;

    public MuchoSupportPrincipalService(HttpContextBase context) {
        _context = context;
    }

    #region IPrincipalService Members

    public IPrincipal GetCurrent() {
        IPrincipal user = _context.User;
        // if they are already signed in, and conversion has happened
        if (user != null && user is MuchoPrincipal)
            return user;

        // if they are signed in, but conversion has still not happened
        if (user != null && user.Identity.IsAuthenticated && user.Identity is FormsIdentity) {
            var id = (FormsIdentity)_context.User.Identity;

            var ticket = id.Ticket;
            if (FormsAuthentication.SlidingExpiration) 
                ticket = FormsAuthentication.RenewTicketIfOld(ticket);

            var fid = new MuchoIdentity(ticket);
            return new MuchoPrincipal(fid);
        }

        // not sure what's happening, let's just default here to a Guest
        return new MuchoPrincipal(new MuchoIdentity((FormsAuthenticationTicket)null));
    }

    #endregion
}

The trick here is just to check the current context for the cookie already being passed in with our request. You need to call this code from your Global.asax as such (note I am using ASP.NET MVC and the dependency resolver built into it).

protected void Application_AuthenticateRequest(object sender, EventArgs e) {
    var principalService = DependencyResolver.Current.GetService<IPrincipalService>();
    var context = DependencyResolver.Current.GetService<HttpContextBase>();
    // Set the HttpContext's User to our IPrincipal
    context.User = principalService.GetCurrent();
}

Usage in Your Code

This is what my ASP.NET MVC controller looks like:

[RequireScheme(Scheme.Https)]
public class AuthenticationController : ApplicationController {
public ActionResult Login(string returnUrl) {

if (User.Identity.IsAuthenticated) {
if (!string.IsNullOrWhiteSpace(returnUrl))
return Redirect(returnUrl);

return RedirectToAction("show", "dashboard");
}

var model = new LoginModel {
ReturnUrl = returnUrl
};

return View(model);
}

[HttpPost]
public ActionResult Login(LoginModel input) {
// validation does password hash check
// you could do it more explicitly
if (ModelState.IsValid) {
Logger.Info("successful!", input.Username);
var user = Db.Users
.FirstOrDefault(u => u.Email == input.Username);
// set cookie
Forms.SignIn(user, input.RememberMe);
return input.HasReturnUrl(Url)
? Redirect(input.ReturnUrl)
: (ActionResult) RedirectToAction("show", "dashboard");
}

Flash.Error("Please try again");

return View("login", input);
}

public ActionResult Logout() {
Forms.SignOut();
return RedirectToAction("login");
}
}

Conclusion

The parts of an authentication system are all infrastructural. It is all smooth sailing once you get over the hump of setting it up. Once the infrastructure is set up you can work on creating your own tables for Users, Profiles, or any other domain model that makes sense. All access to user's is up to you, so feel free to use any data access provider you like: SQL Server, RavenDB, MongoDB, etc. Additionally, the cookie is now yours; feel free to add or remove data from it as you see fit, but always remember the 4kb size limit.