Re: When does the Roles/Username get set in HTTPContext?



Yes, it looks like this:

<authentication mode="Forms">
<forms loginUrl="~/Security/Login.aspx" protection="All"
requireSSL="false" slidingExpiration="true" name="STS Registration"
path="/Admin" />
</authentication>

"Dominick Baier" wrote:

have you set

<authentication mode="Forms" /> ?

-----
Dominick Baier (http://www.leastprivilege.com)

Hi,

I have just made an app that uses the 2.0 membership and roles system,
using a remote SQL Server 2005 DB for storage. I've created a
login.aspx page with a login control on it that seems to authenticate
correctly. The LoggedIn event fires when a correct username/password
combo has been entered.

However, the next page that I send the authenticated user to doesn't
show any of the context information. The loginname control shows blank
and loginstatus shows logged out(Log In). So it's like none of the
roles or other context for that user gets saved for later use. Setting
up a web.config file with deny anonymous also fails.

Is there some special code I have to put in the login control events
or global.asax that will set up the user's username and roles in
context? I've looked all over and don't see any examples of this.

My web.config sections have this:

<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider"
connectionStringName="SubTechAdmin"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
applicationName="STSRegistration"
requiresUniqueEmail="false"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="7"
minRequiredNonalphanumericCharacters="1"
passwordAttemptWindow="10"
passwordStrengthRegularExpression=""
type="System.Web.Security.SqlMembershipProvider,
System.Web,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</providers>
</membership>
<roleManager enabled="true" cacheRolesInCookie="true"
defaultProvider="AspNetSqlRoleProvider"
cookieName="STSAPLRegistration2007"
cookiePath="/" cookieTimeout="30" cookieRequireSSL="false"
cookieSlidingExpiration="true" createPersistentCookie="true"
cookieProtection="All">
<providers>
<clear/>
<add name="AspNetSqlRoleProvider"
connectionStringName="SubTechAdmin"
applicationName="STSRegistration"
type="System.Web.Security.SqlRoleProvider, System.Web,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</providers>
</roleManager>



.



Relevant Pages

  • Re: When does the Roles/Username get set in HTTPContext?
    ... I have just made an app that uses the 2.0 membership and roles system, ... roles or other context for that user gets saved for later use. ... Is there some special code I have to put in the login control events ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: When does the Roles/Username get set in HTTPContext?
    ... I don't have any code in the login control event ... Is there code that I can get somewhere that will set the context? ... Dominick Baier ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: When does the Roles/Username get set in HTTPContext?
    ... and the code on your login page / login control event handler? ... Dominick Baier ... the roles or other context for that user gets saved for later use. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Is continuum completely filled up?
    ... cover it with (an uncountable infinity of) points of zero dimension. ... is not associated with such an a, since that's my membership ... what does "continuous" mean in this context? ...
    (sci.math)
  • Re: ASP V2, Membership Beginner Question
    ... I have set off using the Create User and Login Control. ... Identifier and the data value looks nothing like the values I keyed in. ... Membership Table. ... The User ID field is in GUID format (Globally ...
    (microsoft.public.dotnet.framework.aspnet.webcontrols)