<forms name= “MyCookie”

loginURL= “URL”

//Specifies the URL to which the request is redirected for login if no valid authentication cookie is found.

protection = “All|None|Encryption|Validation”

//Indicates how the application intends to protect the authentication cookie

timeout= “30”

//specifies the time in minutes after which the cookie will expire.  Default value is 30.

requireSSL= “true|false”>

//Indicates whether a secure SSL connection is required to transmit authentication cookie.  The value is false by default.

path= “/”

//Specifies the path for the authentication cookies issued by the application.  The default value is a slash(/)

cookieless= “UseCookies|UseUri|AutoDetect|UseDeviceProfile”

//Use cookie directs the application to always use the cookie regardless of browser capabilities.

//UseUri—never use cookies, regardless of browser capabilities

//AutoDetect—use cookies if the browser has cookie support enabled.  Otherwise use cookieless mechanism.

//UseDeviceProfile—use cookies if the browser supports them and uses the cookieless mechanism otherwise.  Do not check whether cookie support is enabled or not.

defaultUrl= “url”

//Set the default name of the page to be returned after request has been successfully authenticated. By default the url is default.aspx.  This is to be set only if no ReturnUrl variable is found in the URL login page.

domain= “String”>

//specifies the optional domain that is assigned to the domain property of the HTTPCookie class for outgoing authentication cookies.

<Credentials passwordFormat= “Clear|SHAI|MD5”>

<user name= “…” password= “…”/>