RE: Storing Role And User Id in UserData of FormAuthentication
From: Dominick Baier [DevelopMentor] (dbaier_at_pleasepleasenospamdevelop.com)
Date: 07/15/05
- Next message: J-T: "Re: Connecting to DB and other resources outside the domain"
- Previous message: Dominick Baier [DevelopMentor]: "Re: Serious help needed with beta 2.0 SiteMapProvider.."
- In reply to: societopia.net: "RE: Storing Role And User Id in UserData of FormAuthentication"
- Next in thread: Jamie Pollard: "Re: Storing Role And User Id in UserData of FormAuthentication"
- Reply: Jamie Pollard: "Re: Storing Role And User Id in UserData of FormAuthentication"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 14 Jul 2005 15:08:14 -0700
Hello societopia.net,
you could also just derive from GenericPrincipal and add the ID field...
---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com
> Hi Jamie:
>
> After you have assigned the GenericPrincipal to the
> HttpContext.Current.User, you can always retrieve the User ID back
> from the FormsAuthenticationTicket in the Context.User.Identity:
>
> CType(CType(CType(Context.User.Identity,
> System.Security.Principal.IIdentity),
> System.Web.Security.FormsIdentity).Ticket,
> System.Web.Security.FormsAuthenticationTicket).UserData
>
> ---
> www.societopia.net
> "Jamie Pollard" wrote:
>
>> hello,
>>
>> i have been scouring the groups for the best possible solution to
>> this problem, but can't seem to find my exact scenario, so hopefully
>> someone can get me back on the right path. my situation is the
>> following:
>>
>> i have a asp.net app that uses formsauthentication, and in the
>> UserData field we store the role value of what the user is (ie admin,
>> user, etc.). i want to also store the user id in this UserData field
>> so i have added that and separated it by a comma, so the value would
>> look something like "Admin,123". so on the
>> Application_AuthenticateRequest event in global.asax.vb i can easily
>> split the values on the comma and then have the roles which are used
>> in:
>>
>> HttpContext.Current.User = New GenericPrincipal(id, asRoles)
>>
>> to verify whether they have access to certain directories or whatnot.
>> but within this GenericPrincipal there doesn't seem to be a place to
>> store this User Id value and have it readily available from each
>> page. i know you can do something like
>> HttpContext.Current.User.Identity.Name and that will give you the
>> name value that you stored in the formsauthentication ticket, but
>> there still isn't a way to get the user id. i tried setting a session
>> variable in the Application_AuthenticateRequest event to store the
>> user id, but kept getting an error; my thinking was that this way the
>> authentication and session would still be in sync because every time
>> the user authenticated, the session variable would be set (and i
>> wouldn't be using the session variable on pages that did not require
>> authentication). i have also seen where the id is appended to the
>> Name in the ticket, and then split out, but that doesn't seem very
>> .net like to me.
>>
>> so i guess my question is what am i missing? most examples i have
>> seen just store the "roles" in the user data field, and not multiple
>> types of data like user id, first name, last name, etc.
>>
>> thanks to any and all who respond,
>> jamie
- Next message: J-T: "Re: Connecting to DB and other resources outside the domain"
- Previous message: Dominick Baier [DevelopMentor]: "Re: Serious help needed with beta 2.0 SiteMapProvider.."
- In reply to: societopia.net: "RE: Storing Role And User Id in UserData of FormAuthentication"
- Next in thread: Jamie Pollard: "Re: Storing Role And User Id in UserData of FormAuthentication"
- Reply: Jamie Pollard: "Re: Storing Role And User Id in UserData of FormAuthentication"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
