Re: IsInRole problem

From: Colin Peters (cpeters_at_coldmail.com)
Date: 10/28/05

Next message: genc_ymeri: "Re: converting ASP.Net session type to an ASP one"

Previous message: Nicholas Paldino [.NET/C# MVP]: "Re: converting ASP.Net session type to an ASP one"
In reply to: Colin Peters: "IsInRole problem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 28 Oct 2005 22:46:45 +0200

Session_Start isn't firing either. What's going on? I have

sessionState
mode="InProc"

This is getting plain silly.

Colin Peters wrote:

> Hi,
>
> I have the following problem:
>
> I've implemented role based security and it worked fine on both my local
> dev machine and my remote shared host. Now it only works on my dev
> machine. My shared host had some unidentified problems but I'm not sure
> they are related so I can't really ask them to change something.
>
> So I thought I'd investigate myself. I found by outputing to the page in
> the prod environment, that I get the right roles via:
>
> FormsIdentity id = (FormsIdentity)HttpContext.Current.User.Identity;
> FormsAuthenticationTicket ticket = id.Ticket;
>
> // Get the stored user-data, in this case, our roles
> string userData = ticket.UserData;
> string[] roles = userData.Split(',');
>
> so I know the roles are stored int he cookie OK.
>
> In the Application_AuthenticateRequest method I then use this info thus:
> HttpContext.Current.User = new GenericPrincipal(id, roles);
>
> But when I go to retrieve the roles:
>
> Type type = princ.GetType();
> FieldInfo field = type.GetField("m_roles", BindingFlags.Instance |
> BindingFlags.NonPublic);
> String[] roles = (String[]) field.GetValue(princ);
>
>
> I find that it is empty. Also using User.IsInRole function never returns
> true even though I know I have that role from the previous output.
>
> All of the above works fine on my dev machine, so I'm trying to find out
> what can have an influence on this. Does the machine.cfg file have any
> settings? Can IIS setup make a difference?
>
> I'm rather puzzled, and tempted to write my own version of IsInRole
> based upon what I can extract myself from the cookie.
>
> Also, it seems that Session_End is also not firing? I get the impression
> that my host has fixed one thing and broken another. What can I check to
> give them some proof of what's at fault?
>
> Cheers

Next message: genc_ymeri: "Re: converting ASP.Net session type to an ASP one"

Previous message: Nicholas Paldino [.NET/C# MVP]: "Re: converting ASP.Net session type to an ASP one"
In reply to: Colin Peters: "IsInRole problem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

IsInRole problem
... My shared host had some unidentified problems but I'm not sure ... Type type = princ.GetType; ... All of the above works fine on my dev machine, so I'm trying to find out ... based upon what I can extract myself from the cookie. ...
(microsoft.public.dotnet.framework.aspnet.security)
Re: IsInRole problem
... Colin - What ever came of this? ... >> dev machine and my remote shared host. ... My shared host had some unidentified problems but I'm not sure ... >> so I know the roles are stored int he cookie OK. ...
(microsoft.public.dotnet.framework.aspnet.security)