Re: User.IsInRole not redirecting
From: Bob Erwin (berwin_at_msbob.com)
Date: 12/02/03
- Previous message: Pete: "Re: achieve password encryption"
- Maybe in reply to: Bob Erwin: "Re: User.IsInRole not redirecting"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 2 Dec 2003 03:11:10 -0600
Hey,
NeverMind on my last post. I was able to get this working based on the
information you had provided.
Just for those who are trying to do the same thing, I referenced:
http://www.codeproject.com/aspnet/formsroleauth.asp as well as other Deja
Articles.
And here is my code below:
'in my login button code
........
Dim AuthTicket = New FormsAuthenticationTicket(1, oUserInfo.EmailAddress,
DateTime.Now, DateTime.Now.AddMinutes(30), False, oUserInfo.UserRoles,
FormsAuthentication.FormsCookiePath)
Dim hash As String = FormsAuthentication.Encrypt(AuthTicket)
Dim cookie As New HttpCookie(FormsAuthentication.FormsCookieName, hash)
Response.Cookies.Add(cookie)
Response.Redirect(FormsAuthentication.GetRedirectUrl(oUserInfo.EmailAddress,
False), False)
end sub
Sub Application_AuthenticateRequest(ByVal sender As Object, ByVal e As
EventArgs)
' Fires upon attempting to authenticate the use
If Request.IsAuthenticated Then
If User.Identity.IsAuthenticated Then
Dim id As FormsIdentity
id = HttpContext.Current.User.Identity
Dim AuthTicket As FormsAuthenticationTicket
AuthTicket = id.Ticket
Dim roles As String = AuthTicket.UserData
Dim RoleArray As String()
RoleArray = Split(roles, "|")
HttpContext.Current.User = New
GenericPrincipal(User.Identity, RoleArray)
End If
End If
End Sub
Thanks for your help...
Bob
"Paul Glavich" <glav@aspalliance.com-NOSPAM> wrote in message
news:ugz5l2LsDHA.2060@TK2MSFTNGP10.phx.gbl...
> You need to associate your principal with associated roles for each
request
> that comes in. Once you have authenticated and redirected, typically all
> that will be passed along (automatically that is) is that the user has
been
> authenticated. A common way of carrying the roles across multiple requests
> is, once authenticated, store the roles in the cookie that is issued to
the
> client. Each request that comes in (via the
Application_AuthenticateRequest
> event in Global.asax), you extract the roles, create your generic
principal
> with the extracted roles, and associate that generic principal wih the
> current context . When doing this, you should also remember to encrypt the
> cookie.
>
> --
> - Paul Glavich
>
>
> "Bob Erwin" <berwin@msbob.com> wrote in message
> news:#9cbNiGsDHA.2828@tk2msftngp13.phx.gbl...
> > Hi there,
> >
> > I have been reading up on Authorization and role based security for a
> couple
> > of days now, and am trying to implement this in my applications.
> >
> > I'm having a problem with my roles being reconized by using the
> > user.isinrole("test") on the redirected page after the Login.
> >
> > for instance, here is my code after I log into the page:
> >
> >
> > Dim test() As String = {"OEM", "test"}
> > HttpContext.Current.User = New GenericPrincipal(User.Identity, test)
> > FormsAuthentication.RedirectFromLoginPage(txtUsername.Text, False)
> >
> > At this point if I break at the formsAuthentication.....I watch the
> > User.isinrole("test") it shows up true, however, when I get redirected
to
> > the webform1.aspx page and also watch user.isinrole("test") then it is
> > false.
> >
> > I'm really confused on what I need to do...I've tried the
> > Threading.currentprincipal = new genericPrincipal(User.Identity, test)
and
> > that didn't work as well. The User.identity.isauthenticated does come
> over
> > and also the User.identity.name comes over, it is just the
> > user.isinrole("test") that does not come over.
> >
> > Any thoughts?
> >
> > You help is greatly appreciated...
> >
> > Thanks,
> > Bob
> >
> >
>
>
- Previous message: Pete: "Re: achieve password encryption"
- Maybe in reply to: Bob Erwin: "Re: User.IsInRole not redirecting"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
