Re: User.IsInRole not redirecting

From: Bob Erwin (berwin_at_msbob.com)
Date: 12/01/03 

Date: Mon, 1 Dec 2003 12:49:35 -0600

Hey Paul,

Thanks for the response. I still have a question with this though. Yes you
are correct that the authenticated user info is passed along automatically
for me. So are you saying that Generic Principals assocated with that
identity are *not* passed? Does that mean that I need to create a new
generic principal and populate it each time I re-direct to a new page?

Thanks,
Bob

"Paul Glavich" <glav@aspalliance.com-NOSPAM> wrote in message
news:ugz5l2LsDHA.2060@TK2MSFTNGP10.phx.gbl...
> You need to associate your principal with associated roles for each
request
> that comes in. Once you have authenticated and redirected, typically all
> that will be passed along (automatically that is) is that the user has
been
> authenticated. A common way of carrying the roles across multiple requests
> is, once authenticated, store the roles in the cookie that is issued to
the
> client. Each request that comes in (via the
Application_AuthenticateRequest
> event in Global.asax), you extract the roles, create your generic
principal
> with the extracted roles, and associate that generic principal wih the
> current context . When doing this, you should also remember to encrypt the
> cookie.
>
> --
> - Paul Glavich
>
>
> "Bob Erwin" <berwin@msbob.com> wrote in message
> news:#9cbNiGsDHA.2828@tk2msftngp13.phx.gbl...
> > Hi there,
> >
> > I have been reading up on Authorization and role based security for a
> couple
> > of days now, and am trying to implement this in my applications.
> >
> > I'm having a problem with my roles being reconized by using the
> > user.isinrole("test") on the redirected page after the Login.
> >
> > for instance, here is my code after I log into the page:
> >
> >
> > Dim test() As String = {"OEM", "test"}
> > HttpContext.Current.User = New GenericPrincipal(User.Identity, test)
> > FormsAuthentication.RedirectFromLoginPage(txtUsername.Text, False)
> >
> > At this point if I break at the formsAuthentication.....I watch the
> > User.isinrole("test") it shows up true, however, when I get redirected
to
> > the webform1.aspx page and also watch user.isinrole("test") then it is
> > false.
> >
> > I'm really confused on what I need to do...I've tried the
> > Threading.currentprincipal = new genericPrincipal(User.Identity, test)
and
> > that didn't work as well. The User.identity.isauthenticated does come
> over
> > and also the User.identity.name comes over, it is just the
> > user.isinrole("test") that does not come over.
> >
> > Any thoughts?
> >
> > You help is greatly appreciated...
> >
> > Thanks,
> > Bob
> >
> >
>
>