The FormsAuthentication.RequireSSL property value is set in the configuration file for an ASP.NET application by using the requireSSL attribute of the forms configuration element. You can specify in the Web.config file for your ASP.NET application whether SSL (Secure Sockets Layer) is required to return the forms-authentication cookie to the server by setting the requireSSL attribute . For more information, see System.Web.HttpCookie.Secure.

It is recommended that if you configure requireSSL as false, you also configure slidingExpiration as false, to reduce the amount of time for which a ticket is valid.

Namespace: System.Web.Security
Assembly: System.Web (in System.Web.dll)
Assembly Versions: 1.0.5000.0, 2.0.0.0