Re: lack of understanding of principals, identities, and context

• Previous message: Calvin: "worker process aspnet_wp.exe identity"
• In reply to: Teemu Keiski: "Re: lack of understanding of principals, identities, and context"
• Next in thread: Teemu Keiski: "Re: lack of understanding of principals, identities, and context"
• Reply: Teemu Keiski: "Re: lack of understanding of principals, identities, and context"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 20 Aug 2003 20:20:22 +1000

> HttpContext is request specific (recreated for every request) and
therefore
> you'd need to set the user on every request that means creating instance
of
> FiveADayPrincipal and assigning it to the Context.User.
>
> Therefore there exists methods in Global.asax as
> Application_AuthenticateRequest as they are called on every request and
can
> be used to set the Principal.

So, if you are not using cookies, what is the best way to maintain state
across a session? Do you set a session variable, say UserID, when the user
logs in, and get the user information from this in the Global.asax
Application_AuthenticateRequest each time to repopulate the context object?

If you've gone this far with rolling your own solution, why bother with
setting the MS context authentication stuff on each Global.asax
Application_AuthenticateRequest, but instead just check the filepath using
HttpContext.Current.Server.MapPath() (or whatever else you need to configure
you authentication framework) and set roles and permissions accordingly in
your own framework (eg session variables)?

It would not be too heavy (only involving two or three session variables, eg
userID, role, and permissions).

What would be the pros and cons of this approach?

MS have not made their forms authentication framework intuitive at all IMO.

Lauchlan M

• Previous message: Calvin: "worker process aspnet_wp.exe identity"
• In reply to: Teemu Keiski: "Re: lack of understanding of principals, identities, and context"
• Next in thread: Teemu Keiski: "Re: lack of understanding of principals, identities, and context"
• Reply: Teemu Keiski: "Re: lack of understanding of principals, identities, and context"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]