Re: User.IsInRole not redirecting
From: Paul Glavich (glav_at_aspalliance.com-NOSPAM)
Date: 11/22/03
- Next message: Teemu Keiski: "Re: Web.HttpContext.Current.User.Identity.Name is blank"
- Previous message: Bob Erwin: "User.IsInRole not redirecting"
- In reply to: Bob Erwin: "User.IsInRole not redirecting"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 22 Nov 2003 16:58:17 +1100
You need to associate your principal with associated roles for each request
that comes in. Once you have authenticated and redirected, typically all
that will be passed along (automatically that is) is that the user has been
authenticated. A common way of carrying the roles across multiple requests
is, once authenticated, store the roles in the cookie that is issued to the
client. Each request that comes in (via the Application_AuthenticateRequest
event in Global.asax), you extract the roles, create your generic principal
with the extracted roles, and associate that generic principal wih the
current context . When doing this, you should also remember to encrypt the
cookie.
--
- Paul Glavich
"Bob Erwin" <berwin@msbob.com> wrote in message
news:#9cbNiGsDHA.2828@tk2msftngp13.phx.gbl...
> Hi there,
>
> I have been reading up on Authorization and role based security for a
couple
> of days now, and am trying to implement this in my applications.
>
> I'm having a problem with my roles being reconized by using the
> user.isinrole("test") on the redirected page after the Login.
>
> for instance, here is my code after I log into the page:
>
>
> Dim test() As String = {"OEM", "test"}
> HttpContext.Current.User = New GenericPrincipal(User.Identity, test)
> FormsAuthentication.RedirectFromLoginPage(txtUsername.Text, False)
>
> At this point if I break at the formsAuthentication.....I watch the
> User.isinrole("test") it shows up true, however, when I get redirected to
> the webform1.aspx page and also watch user.isinrole("test") then it is
> false.
>
> I'm really confused on what I need to do...I've tried the
> Threading.currentprincipal = new genericPrincipal(User.Identity, test) and
> that didn't work as well. The User.identity.isauthenticated does come
over
> and also the User.identity.name comes over, it is just the
> user.isinrole("test") that does not come over.
>
> Any thoughts?
>
> You help is greatly appreciated...
>
> Thanks,
> Bob
>
>
- Next message: Teemu Keiski: "Re: Web.HttpContext.Current.User.Identity.Name is blank"
- Previous message: Bob Erwin: "User.IsInRole not redirecting"
- In reply to: Bob Erwin: "User.IsInRole not redirecting"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
