Cannot retrieve UserData in Forms Authentication

From: tom hamilton (thamilton_at_pacificlife.com)
Date: 07/25/03 

Date: Thu, 24 Jul 2003 17:51:22 -0700

Your code matches what I use. And I just re-ran my code,
and am getting user data back from the cookie.

I assume your setting the ticket in a login page. And
have added the necessary web.config entries. I haven't
tried my code against a browser that doesn't accept
cookies.

Sorry that the only assitance is to note that your code
appears correct. I'm only guessing that the problem lies
in configuration.

>-----Original Message-----
>I am using FormsAuthentication for my application, and in
>the UserData property of the FormsAuthenticationTicket
>I'm storing the roles that the user is a member of, to
>retrieve in global.asax and create a GenericPrincipal
>object. Problem is, after the user logs in, I can get
>the ticket just fine from the cookie, and all the data is
>there -- except for the UserData property. It's empty.
>
>I set the UserData as follows:
>
>Dim authTicket As New FormsAuthenticationTicket(1,
>txtUserID.Text, DateTime.Now, DateTime.Now.AddHours(1),
>False, GetRoles(txtUserID.Text))
>Dim encryptedTicket As String =
>FormsAuthentication.Encrypt(authTicket)
>Dim authCookie As New HttpCookie
>(FormsAuthentication.FormsCookieName, encryptedTicket)
>Response.Cookies.Add(authCookie)
>
>Then I get the same cookie back in global.asax:
>
>Dim cookieName As String =
>FormsAuthentication.FormsCookieName
>Dim authCookie As HttpCookie = Context.Request.Cookies
>(cookieName)
>
>If authCookie Is Nothing Then Exit Sub
>
>Dim authTicket As FormsAuthenticationTicket =
>FormsAuthentication.Decrypt(authCookie.Value)
>
>If authTicket Is Nothing Then Exit Sub
>
>Dim roles() As String = Split
>(authTicket.UserData, "|") ' Roles are in the
>format "Role1|Role2|...|RoleN"
>
>Dim id As New FormsIdentity(authTicket)
>
>Dim principal As New GenericPrincipal(id, roles)
>
>Context.User = principal
>
>And the user isn't in the given roles. I went back and
>put:
>
>Response.Write("'" & authTicket.UserData & "'")
>
>in the global.asax file, and I get an empty string.
>Anyone have an idea?
>.
>

Relevant Pages

  • Re: DESPERATE: FormsAuthentication Problem
    ... >>> database and create a semicolon delimited string listing the roles ... >>> them in the forms authentication cookie. ... >>> Dim authTicket As FormsAuthenticationTicket = New ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: problem with slidingExpiration
    ... DateTime dt= DateTime.Now; ... //cripto l'authentication ticket ... string cookiestr = FormsAuthentication.Encrypt; ... //aggiungo il cookie ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Ticket disappears when browser is closed
    ... be careful - if the cookie is save to the users harddrive - anyone who has access to that directory can grab the cookie and bypass authentication. ... Dim New DatabaseUser ... Dim userData As String = DatabaseUser.UserData ... ByVal PersonID As Integer, ByVal roles As String) ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: DESPERATE: FormsAuthentication Problem
    ... > them in the forms authentication cookie. ... > ' Get ";" delimited string of the user's roles from the database ... > Dim authTicket As FormsAuthenticationTicket = New ...
    (microsoft.public.dotnet.framework.aspnet)
  • Ticket disappears when browser is closed
    ... I am new to ASP.Net Forms Authentication but read the newsgroup thorughly. ... Dim New DatabaseUser ... Dim encTicket As String = FormsAuthentication.Encrypt ... 'Create the cookie. ...
    (microsoft.public.dotnet.framework.aspnet.security)